this post was submitted on 01 Nov 2024
16 points (100.0% liked)

Security

5014 readers
1 users here now

Confidentiality Integrity Availability

founded 4 years ago
MODERATORS
 

I am looking for active Lemmy accounts about software vulnerabilities, CVEs, etc. It could be specific to GHSA, CSAF, PySEC, GSD, Pypi or whatever.

I will use it in a software vulnerability lookup projects: https://github.com/cve-search/vulnerability-lookup/ in order to create Sightings about vulnerabilities.

(it's fine as well if you can provide me Mastodon accounts. I already follow CVE program)

thank you !

you are viewing a single comment's thread
view the rest of the comments
[โ€“] wizardbeard@lemmy.dbzer0.com 10 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

That's not really how Lemmy works, it's more like Reddit, where you'd probably want to look at communities. But I've not seen anyone announce any new vulns here, people just post links to articles about them.

Searching for communities from the db0 instance should get you a bunch related to cybersecurity and infosec (only reccomending as some other instances have defederated from the .ml instance you're posting from/in). If I have some time later I'll edit this post with some.

EDIT: Posting from my phone, so apologies that these are direct links rather than in the "home instance agnostic" format

CyberSec communities: https://lemmy.ml/c/cryptography https://infosec.pub/c/cybersecurity https://sh.itjust.works/c/cybersecurity https://lemmy.zip/c/databreaches https://infosec.pub/c/pulse_of_truth https://infosec.pub/c/securitynews

Sysadmin communities: https://lemmy.world/c/sysadmin https://lemmy.ml/c/sysadmin

Privacy (usually tech related) communities: https://lemmy.ca/c/privacy https://lemmy.ml/c/privacy https://lemmy.world/c/privacy https://programming.dev/c/privacy https://links.hackliberty.org/c/privacy

[โ€“] cedric@lemmy.ml 2 points 1 week ago

hello,

Thank you very much for your reply and the information. I'll have a look at your links.

Actually, I am simply looking for various information about vulnerabilities. The goal is not to find announcements of vulnerabilities. This is part of the "Vulnerability Lookup" project: https://vulnerability.circl.lu/ where we gather "sightings": https://vulnerability.circl.lu/sightings

A sighting can have various sources such as: GitHub Gist, Pastebin, Fediverse, Telegram channels, etc. So yes... here my questions is about sightings from the Fediverse. For now I am happy with this simple tool to monitor the Fediverse: https://github.com/CIRCL/FediVuln

It is able to find status related to security vulnerabilities and generate sightings in our "Vulnerability Lookup" project. That's it ;-)

thank you !