I am looking for active Lemmy accounts about software vulnerabilities, CVEs, etc. It could be specific to GHSA, CSAF, PySEC, GSD, Pypi or whatever.
I will use it in a software vulnerability lookup projects: https://github.com/cve-search/vulnerability-lookup/ in order to create Sightings about vulnerabilities.
(it's fine as well if you can provide me Mastodon accounts. I already follow CVE program)
thank you !
That's not really how Lemmy works, it's more like Reddit, where you'd probably want to look at communities. But I've not seen anyone announce any new vulns here, people just post links to articles about them.
Searching for communities from the db0 instance should get you a bunch related to cybersecurity and infosec (only reccomending as some other instances have defederated from the .ml instance you're posting from/in). If I have some time later I'll edit this post with some.
EDIT: Posting from my phone, so apologies that these are direct links rather than in the "home instance agnostic" format
CyberSec communities: https://lemmy.ml/c/cryptography https://infosec.pub/c/cybersecurity https://sh.itjust.works/c/cybersecurity https://lemmy.zip/c/databreaches https://infosec.pub/c/pulse_of_truth https://infosec.pub/c/securitynews
Sysadmin communities: https://lemmy.world/c/sysadmin https://lemmy.ml/c/sysadmin
Privacy (usually tech related) communities: https://lemmy.ca/c/privacy https://lemmy.ml/c/privacy https://lemmy.world/c/privacy https://programming.dev/c/privacy https://links.hackliberty.org/c/privacy
hello,
Thank you very much for your reply and the information. I'll have a look at your links.
Actually, I am simply looking for various information about vulnerabilities. The goal is not to find announcements of vulnerabilities. This is part of the "Vulnerability Lookup" project: https://vulnerability.circl.lu/ where we gather "sightings": https://vulnerability.circl.lu/sightings
A sighting can have various sources such as: GitHub Gist, Pastebin, Fediverse, Telegram channels, etc. So yes... here my questions is about sightings from the Fediverse. For now I am happy with this simple tool to monitor the Fediverse: https://github.com/CIRCL/FediVuln
It is able to find status related to security vulnerabilities and generate sightings in our "Vulnerability Lookup" project. That's it ;-)
thank you !