<?xml version="1.0" encoding="UTF-8"?>
<urlset
  xmlns="http://www.sitemaps.org/schemas/sitemap/0.9"
  xmlns:news="http://www.google.com/schemas/sitemap-news/0.9"
>
  <url>
    <loc>https://invaders.ie/resources/blog/vulnerability/beyondtrust-cve-2026-40138-cve-2026-40139-auth-bypass</loc>
    <news:news>
      <news:publication>
        <news:name>Invaders Security</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-13T08:08:36.254Z</news:publication_date>
      <news:title>BeyondTrust auth bypass flaws put remote support appliances on the urgent patch list</news:title>
      <news:keywords>BeyondTrust, CVE-2026-40138, CVE-2026-40139, CVE-2026-40140, CVE-2026-40141, Remote Support, Privileged Remote Access, authentication bypass, improper authentication, privileged access, remote support appliance, self-hosted appliance security</news:keywords>
    </news:news>
  </url>
  <url>
    <loc>https://invaders.ie/resources/blog/vulnerability/gitea-docker-cve-2026-20896-reverse-proxy-auth-bypass</loc>
    <news:news>
      <news:publication>
        <news:name>Invaders Security</news:name>
        <news:language>en</news:language>
      </news:publication>
      <news:publication_date>2026-07-12T08:06:12.902Z</news:publication_date>
      <news:title>Gitea Docker flaw turns a trusted proxy header into account takeover</news:title>
      <news:keywords>Gitea, CVE-2026-20896, Docker, reverse proxy authentication, X-WEBAUTH-USER, authentication bypass, account takeover, source code security, DevSecOps, trusted proxy</news:keywords>
    </news:news>
  </url>
</urlset>