<?xml version="1.0" encoding="UTF-8"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9">
  <url>
    <loc>https://hackyjs.com/posts/androids-july-2026-bulletin-sorting-124-cves-to-find-the-one-that-matters-most</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T00:00:00.000Z</news:publication_date>
      <news:title>Android’s July 2026 Bulletin: Sorting 124 CVEs to Find the One That Matters Most</news:title>
      <news:keywords>android, security, cve, patch-management</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/auditing-your-checkouts-javascript-after-the-e-commerce-mass-exploit-wave</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T00:00:00.000Z</news:publication_date>
      <news:title>Auditing Your Checkout’s JavaScript After the E-Commerce Mass-Exploit Wave</news:title>
      <news:keywords>cybersecurity, ecommerce, javascript, checkout-security</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/dissecting-the-microsoft-exchange-ssrf-poc-exploitation-flow-and-practical-hardening</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T00:00:00.000Z</news:publication_date>
      <news:title>Dissecting the Microsoft Exchange SSRF PoC: Exploitation Flow and Practical Hardening</news:title>
      <news:keywords>cybersecurity, microsoft-exchange, ssrf, vulnerability-hardening</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/dont-wait-for-cves-embedding-vulnerability-detection-and-patching-into-the-cicd-pipeline</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T00:00:00.000Z</news:publication_date>
      <news:title>Don&apos;t Wait for CVEs: Embedding Vulnerability Detection and Patching into the CI/CD Pipeline</news:title>
      <news:keywords>ci-cd, vulnerability-management, devsecops, patching</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/securing-apis-after-the-india-breach-practical-defensive-patterns-for-developers</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-04T00:00:00.000Z</news:publication_date>
      <news:title>Securing APIs After the India Breach: Practical Defensive Patterns for Developers</news:title>
      <news:keywords>api-security, incident-response, rate-limiting, authentication</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/fake-google-and-cloudflare-verification-pages-are-dropping-malware-what-developers-need-to-test</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>Fake Google and Cloudflare Verification Pages Are Dropping Malware: What Developers Need to Test</news:title>
      <news:keywords>cybersecurity, malware, phishing, cloudflare, google</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/from-network-packet-to-code-execution-tracing-the-watchguard-firebox-rce-attack-surface</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>From Network Packet to Code Execution: Tracing the WatchGuard Firebox RCE Attack Surface</news:title>
      <news:keywords>cybersecurity, watchguard, firebox, rce</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/from-prompt-injection-to-payload-auditing-llm-api-integrations-for-agentic-ransomware</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>From Prompt Injection to Payload: Auditing LLM API Integrations for Agentic Ransomware</news:title>
      <news:keywords>llm-security, prompt-injection, ransomware, api-integrations</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/how-fake-cisco-anyconnect-installers-use-javascript-to-drop-sharkloader</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>How Fake Cisco AnyConnect Installers Use JavaScript to Drop SharkLoader</news:title>
      <news:keywords>cybersecurity, malware, javascript, cisco-anyconnect, sharkloader</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/llm-vetting-for-developers-what-to-actually-test-before-integrating</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>LLM Vetting for Developers: What to Actually Test Before Integrating</news:title>
      <news:keywords>llm, ai-security, developer-tools, testing</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://hackyjs.com/posts/tracking-avalons-lolbin-chain-to-crownx-detection-with-sigma-rules</loc>
    <news:news>
      <news:publication>
        <news:name>Hacky JS</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-03T00:00:00.000Z</news:publication_date>
      <news:title>Tracking Avalon’s LOLBin Chain to CrownX: Detection with Sigma Rules</news:title>
      <news:keywords>cybersecurity, malware, ransomware, sigma-rules</news:keywords>
    </news:news>
  </url>
</urlset>
