<?xml version="1.0" encoding="UTF-8"?>
<urlset
  xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
  xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"
>
  <url>
    <loc>https://invaders.ie/resources/blog/vulnerability/gitea-docker-cve-2026-20896-reverse-proxy-auth-bypass</loc>
    <news:news>
      <news:publication>
        <news:name>Invaders Security</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-12T08:06:12.902Z</news:publication_date>
      <news:title>Gitea Docker flaw turns a trusted proxy header into account takeover</news:title>
      <news:keywords>Gitea, CVE-2026-20896, Docker, reverse proxy authentication, X-WEBAUTH-USER, authentication bypass, account takeover, source code security, DevSecOps, trusted proxy</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://invaders.ie/resources/blog/vulnerability/u-boot-fit-signature-flaws-pre-os-trust-boundary</loc>
    <news:news>
      <news:publication>
        <news:name>Invaders Security</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-11T08:05:13.727Z</news:publication_date>
      <news:title>U-Boot FIT signature flaws expose a fragile pre-OS trust boundary</news:title>
      <news:keywords>U-Boot, FIT signature verification, firmware security, bootloader, BRLY-2026-037, BRLY-2026-038, secure boot, embedded Linux, BMC, supply chain</news:keywords>
    </news:news>
  </url>
</urlset>