<?xml version="1.0" encoding="UTF-8"?>
<!--generator='jetpack-16.1-a.1'-->
<!--Jetpack_Sitemap_Buffer_News_XMLWriter-->
<?xml-stylesheet type="text/xsl" href="//sra.io/news-sitemap.xsl"?>
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:news="http://www.google.com/schemas/sitemap-news/0.9" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.sitemaps.org/schemas/sitemap/0.9 http://www.sitemaps.org/schemas/sitemap/0.9/sitemap.xsd">
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMSNightmare%2FLegacyHive&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C3debef17b5484fb8c8bd08dee43896b9%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639199128887031899%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=y6HVNbYdue4inFIH2gRbOVM9dBaRqNPuHLf2SGMNwPU%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-17T19:36:19Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>LegacyHive Windows Zero-Day PoC Enables Local Privilege Escalation on Fully Patched Systems</news:title>
   <news:publication_date>2026-07-17T19:36:19Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexpel.com%2Fblog%2Fintroducing-cylindricalcanine%2F&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C0b6b99acd2124478639c08dee438957a%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639199128876953184%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=audsD3A54TQdQflmYs5pVqlXeCRSgkDA%2BLsAdtIPeCU%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-17T19:35:14Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>🚩 Chinese Cybercrime Group GoldenEyeDog&amp;#039;s CylindricalCanine Subgroup Distributes Golden Gh0st RAT via Phishing, Compromised DigiCert to Steal Code-Signing Certificates.</news:title>
   <news:publication_date>2026-07-17T19:35:14Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.strix.ai%2Fblog%2Fn8n-cross-issuer-account-takeover&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7Cfcd100c8941a4b1f441008dee4389617%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639199128876955539%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=8XfIgpltE1i%2BsE9PoPpoBQosB%2BE%2FEXPjcATEJVJrG5w%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-17T19:34:00Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>n8n Fixes Enterprise JWT Identity Binding Flaw That Could Allow Cross-Issuer Account Impersonation</news:title>
   <news:publication_date>2026-07-17T19:34:00Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.zoom.com%2Fen%2Ftrust%2Fsecurity-bulletin%2Fzsb-26014%2F&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C9ba45cd606644e45438a08dee37420a7%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639198285073506671%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=jcQOH%2Fc0SJGC5s9Y70gzZBPUP5HCE2HgueaDxUHET6o%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-16T20:08:05Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>Critical Zoom Windows Client Flaw Allows Unauthenticated Attackers to Take Over Accounts</news:title>
   <news:publication_date>2026-07-16T20:08:05Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblog.talosintelligence.com%2Fuat-11795-deploys-novel-starland-rat-and-bespoke-wldr-c2-implant-in-financially-motivated-campaign%2F&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7Ca753ef3549334fa5668708dee3741e26%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639198285066035905%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=Nqy%2FzQjkYmUyBLF30t4N8c6fv25SkdNM47tvs9JRs%2F4%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-16T20:07:17Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>🚩 UAT-11795 Uses Trojanized Installers to Deploy Starland RAT and WLDR PowerShell C2</news:title>
   <news:publication_date>2026-07-16T20:07:17Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblackpointcyber.com%2Fblog%2Flabubarat-a-rust-based-remote-access-tool-masquerading-as-nvidia-software%2F&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C0017bf16ef4647d421c508dee37420f9%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639198285066027575%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=oN1EHoGKi11P2qvi9SS%2F5WSo6nNSEbWdJS%2FKSAgvuOU%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-16T20:06:22Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>🚩 New Rust Based Remote Access Tool &amp;quot;LabubaRAT&amp;quot; Masquerades as NVIDIA Software to Gain Full Control of Windows Hosts</news:title>
   <news:publication_date>2026-07-16T20:06:22Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.security.com%2Fthreat-intelligence%2Fdaxin-returns-stupig&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7Ca9663d4066ae43fe37d708dee2a5abfa%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639197398369323948%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=wJfpIAmqBkr1AnU9s%2BIFMsX9JD9nKUK3gOwv76IXAiI%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-15T20:11:19Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>🚩 Symantec finds resurfaced Daxin rootkit and new Stupig backdoor on Taiwan manufacturing network</news:title>
   <news:publication_date>2026-07-15T20:11:19Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.infostealers.com%2Farticle%2Fhow-an-infostealer-infection-led-to-a-sophisticated-clickfix-campaign-at-artlist%2F&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C3dd85a60d0064fcd930608dee2a5aced%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639197398359362922%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=wy1Q7tDTfNb0azBYWTpV56eM7QAtMbBh%2FvMAGMI20%2Fw%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-15T20:09:44Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>🚩 ClickFix campaign compromises Artlist subdomain after years-old infostealer infection exposes privileged WordPress credentials.</news:title>
   <news:publication_date>2026-07-15T20:09:44Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
 <url>
  <loc>https://nam10.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.cisa.gov%2Fnews-events%2Falerts%2F2026%2F07%2F14%2Fcisa-urges-sharepoint-hardening-after-new-exploitations&amp;#038;data=05%7C02%7Ckimberly.kaleta%40sra.io%7C0fa8618311b9450427af08dee2a5acaa%7C9bdee6ea21c54c1ca6c941dc3d08c310%7C0%7C0%7C639197398359401099%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&amp;#038;sdata=UPTz29gIU0vXFxtho4uNCcbvO%2B32Ho9oJ4YetOa1b90%3D&amp;#038;reserved=0#new_tab</loc>
  <lastmod>2026-07-15T20:08:36Z</lastmod>
  <news:news>
   <news:publication>
    <news:name>Security Risk Advisors</news:name>
    <news:language>en</news:language>
   </news:publication>
   <news:title>CISA Warns of Active Exploitation of Multiple SharePoint Server Vulnerabilities Enabling Remote Code Execution and Persistence Across On-Premises Instances.</news:title>
   <news:publication_date>2026-07-15T20:08:36Z</news:publication_date>
   <news:genres>Blog</news:genres>
  </news:news>
 </url>
</urlset>