chg: Better to have this content here than on LinkedIn.

content/news/2024-11-14-vulnerability-lookup-2-1-0.md

@@ -4,7 +4,6 @@ slug: vulnerability-lookup-2-1-0
 layout: news
 date: 2024-11-14
 tags:
-    - Vulnerability-Lookup
     - release
 excludeSearch: true
 ---

content/news/2024-11-29-vulnerability-lookup-2-2-0.md

@@ -4,7 +4,6 @@ slug: vulnerability-lookup-2-2-0
 layout: news
 date: 2024-11-28
 tags:
-    - Vulnerability-Lookup
     - release
 excludeSearch: true
 ---

content/news/2024-12-17-vulnerability-lookup-2-3-0.md

@@ -4,7 +4,6 @@ slug: vulnerability-lookup-2-3-0
 layout: news
 date: 2024-12-17
 tags:
-    - Vulnerability-Lookup
     - release
 excludeSearch: true
 ---

content/news/2025-01-07-gist.md

@@ -0,0 +1,59 @@
+---
+title: "Monitoring Gists"
+slug: monitoring-gists
+layout: news
+date: 2025-01-07
+tags:
+    - Sightings
+    - Gist
+    - GitHub
+---
+
+We're expanding our coverage to include GitHub Gists as a valuable source of vulnerability sightings!
+
+## Why Gists?
+
+Gists frequently contain sensitive leaked information, such as email address lists,
+passwords, API keys, SSH private keys, logs, zero-day exploits, or proof-of-concept
+(PoC) scripts for vulnerabilities.
+
+As part of the Vulnerability-Lookup project, we are now actively monitoring their
+creation in order to generate sightings related to vulnerabilities in our database.
+
+
+## Browse the Latest Findings
+
+We've recently identified from this source various proof-of-concepts:  
+https://vulnerability.circl.lu/sightings/?query=gist.github
+
+
+
+## Real-Time Integration
+
+All sightings are automatically reflected on the Vulnerability-Lookup dashboard.
+In this case, the charts showing exploitations and confirmations over the past week are affected.
+
+![Home page](/images/news/2025/2025-01-07-home-page.png)
+
+More specifically, you can take a look at recent sightings related to CVE-2020-1102.
+Observe the correlation of sightings from exploit-db.com, HackerOne, and the indentified Gist:  
+https://vulnerability.circl.lu/vuln/CVE-2020-11022#sightings
+(or see the screenshot)
+
+![Sightings](/images/news/2025/2025-01-07-sightings.png)
+
+
+## Enhanced Bluesky Integration
+
+We’re also gathering richer insights from the Bluesky network.
+With the latest update of BlueSkySight, you can now connect directly to Bluesky's firehose or via a Jetstream service. Depending on your preference.
+
+You can also use BlueSkySight for your own intelligence work. Check out the documentation for more details:  
+https://github.com/CIRCL/BlueSkySight
+
+
+## Your contributions
+
+Finally, if you have observations or comments to share, you can create your account:
+https://vulnerability.circl.lu/user/signup
+

content/news/2025-01-10-vulnerability-lookup-2-4-0.md

@@ -4,7 +4,6 @@ slug: vulnerability-lookup-2-4-0
 layout: news
 date: 2025-01-10
 tags:
-    - Vulnerability-Lookup
     - release
 excludeSearch: true
 ---

content/news/2025-01-16-expanding-sources-of-security-advisories-and-sightings-in-vulnerability-lookup.md

@@ -0,0 +1,67 @@
+---
+title: "Expanding Sources of Security Advisories and Sightings in Vulnerability-Lookup"
+slug: expanding-sources-of-security-advisories-and-sightings-in-vulnerability-lookup
+layout: news
+date: 2025-01-16
+tags:
+    - Sightings
+    - CSAF
+    - FKIE
+    - Microsoft
+    - Mastodon
+    - Bluesky
+---
+
+
+## Security Advisories
+
+We’ve recently added new correlating sources for Security Advisories:
+
+- Microsoft CSAF Security Advisories:  
+  https://vulnerability.circl.lu/recent#csaf_microsoft
+- We've also added a new source from [Fraunhofer FKIE](https://www.fkie.fraunhofer.de),
+  which provides a community reconstruction
+  of the legacy JSON NVD Data Feeds (at the end it's more information).
+  This is accessible at:  
+  https://vulnerability.circl.lu/recent#fkie_nvd
+
+One of the core strengths of Vulnerability-Lookup is its ability to correlate these new sources with existing ones. For example, you can view how vulnerabilities like CVE-2025-21385 appear across multiple sources:
+
+- CVE Project: https://vulnerability.circl.lu/vuln/CVE-2025-21385
+- Fraunhofer FKIE: https://vulnerability.circl.lu/vuln/fkie_CVE-2025-21385
+- CSAF Microsoft: https://vulnerability.circl.lu/vuln/msrc_cve-2025-21385
+
+
+![NVD - FKIE - CVE Program](/images/news/2025/2025-01-16-fkie.png)
+
+![Homepage](/images/news/2025/2025-01-16-home-page.png)
+
+## Broader Monitoring
+
+We’ve updated some of our monitoring tools (see the Ref. section at the end) to provide a broader view of security advisories discussed across the web and in the news.
+
+Observations:
+
+- Mentions of Red Hat CSAF Security Advisories are notably increasing
+  within the vibrant Infosec.Exchange Mastodon community: https://infosec.exchange
+- Security advisories from GitHub (GHSA) and Red Hat CSAF are widely
+  shared on Mastodon but receive minimal attention on Bluesky.
+
+We are also actively monitoring activity related to
+[CERT-FR security advisories](https://vulnerability.circl.lu/sightings/?query=CERTFR)
+on both Mastodon and Bluesky.
+
+As you can see in one of the screenshot, we have as well sightings from bug trackers like Bugzilla. This kind of sighting is made possible thanks to a community of experts willing to share data. So if you think you can contribute, do not hesitate:  
+https://vulnerability.circl.lu/user/signup
+
+![Sightings correlations](/images/news/2025/2025-01-16-sightings-correlations.png)
+![Sightings](/images/news/2025/2025-01-16-sightings.png)
+
+## References
+
+- https://github.com/CIRCL/FediVuln
+- https://github.com/CIRCL/BlueSkySight
+- https://vulnerability.circl.lu
+
+
+