I am looking for active Lemmy accounts about software vulnerabilities, CVEs, etc. It could be specific to GHSA, CSAF, PySEC, GSD, Pypi or whatever.

I will use it in a software vulnerability lookup projects: https://github.com/cve-search/vulnerability-lookup/ in order to create Sightings about vulnerabilities.

(it’s fine as well if you can provide me Mastodon accounts. I already follow CVE program)

thank you !

  • wizardbeard@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    0
    ·
    18 days ago

    That’s not really how Lemmy works, it’s more like Reddit, where you’d probably want to look at communities. But I’ve not seen anyone announce any new vulns here, people just post links to articles about them.

    Searching for communities from the db0 instance should get you a bunch related to cybersecurity and infosec (only reccomending as some other instances have defederated from the .ml instance you’re posting from/in). If I have some time later I’ll edit this post with some.

    • Cedric@lemmy.mlOP
      link
      fedilink
      arrow-up
      0
      ·
      14 days ago

      hello,

      Thank you very much for your reply and the information. I’ll have a look at your links.

      Actually, I am simply looking for various information about vulnerabilities. The goal is not to find announcements of vulnerabilities. This is part of the “Vulnerability Lookup” project: https://vulnerability.circl.lu/ where we gather “sightings”: https://vulnerability.circl.lu/sightings

      A sighting can have various sources such as: GitHub Gist, Pastebin, Fediverse, Telegram channels, etc. So yes… here my questions is about sightings from the Fediverse. For now I am happy with this simple tool to monitor the Fediverse: https://github.com/CIRCL/FediVuln

      It is able to find status related to security vulnerabilities and generate sightings in our “Vulnerability Lookup” project. That’s it ;-)

      thank you !