I'm happy to announce the long-awaited first release of misp-modules-cli version 1.0.0.

I'm happy to announce the long-awaited first release of misp-modules-cli version 1.0.0.

This initial release makes it nifty and convenient to use MISP expansion modules directly from the command line, whether you are working against a local or remote misp-modules service. The goal is simple: bring the power of misp-modules into a lightweight CLI workflow that is easy to script, automate, and integrate into daily analysis work.

#misp #mispmodules #threatintelligence #threatintel #opensource #cli #cybersecurity #osint

@misp

Release note https://github.com/MISP/misp-modules-cli/releases/tag/v1.0
misp-modules-cli https://github.com/MISP/misp-modules-cli
misp-modules https://github.com/MISP/misp-modules

@decio Cool! Let us know if you see anything missing.

@nicoe uv is pretty cool to run custom version of Python. I bet OpenAI will push some cash on it and then they will drop the support and a fork will appear later.

With the recent integration of CERT-VDE’s CSAF advisories, it becomes even clearer why diverse vulnerability data sources are essential.

CSAF delivers direct vendor remediation information, and when correlated with the CVE Program , it highlights how important federation and data correlation are for remediation efforts and vulnerability management as a whole. (See example below)

https://db.gcve.eu/vuln/vde-2025-066

#gcve #cve #vulnerabilitymanagement #cybersecurity #opensource

@circl
@gcve
@CVE_Program

A new pull request for Vulnerability-Lookup adds a CSAF producer that publishes advisories for many manufacturers.

This is great for defenders and researchers, as it increases the amount of detailed vulnerability information available.

It will push the number of ingested feeds to more than 50 unique sources, highlighting the growing diversity of our data sources.

If someone tells you there is a single source of truth for vulnerability information, they’re ignoring the reality: vulnerability intelligence comes from many different sources.

Thanks to @rafi0t for the continuous work on adding CSAF and feeds to vulnerability-lookup

#gcve #cve #cybersecurity #csaf #vulnerability #opendata #opensource

The new PR with many new CSAF sources https://github.com/vulnerability-lookup/vulnerability-lookup/pull/348
The open source vulnerability-lookup software https://www.vulnerability-lookup.org/
GCVE instance https://db.gcve.eu/

@gcve
@cedric

We issued an RFP for the same hardware that we ordered in September 2025. The quoted price is 3.5 times higher than the previous price for the exact same hardware. In addition, the offer validity is now limited to only three days.

#memory #aibubble #hardware

@metacurity

There are already many vulnerability identifiers used across different databases and ecosystems. CVE is an important one, but it is only part of a broader and already distributed landscape of vulnerability information.

If you want to explore the diversity of existing sources including CSAF advisories, GitHub security advisories, and disclosures coming from various regions (including China and Russia).

You can see examples here:

Vulnerability-Lookup

Vulnerability-Lookup - Fast vulnerability lookup correlation from different sources.

(db.gcve.eu)

Within the context of NIS2, the EUVD is expected to play the role of a reference point at the European level.

In practice, this makes the handling of cross-references between different identifiers particularly important. While reference catalogues can exist, the assurance and publication of vulnerability information will likely remain (and increase) distributed across many contributors.

@jbm @joshbressers

@signalapp Since Signal always asks for a PIN code for backups, it seems logical that threat actors are exploiting this behavior to trick users.

@eragon At least you can pull-requests on the discourse repository to fix your issues

I hate Discord. The platform is proprietary, the U/X is just completely confusing and it's difficult to find anything.

If you run a project, I love @Discourse - it's open source, the U/X is great and you can archive everything in markdown (and much more).

https://github.com/discourse/discourse
and we run it for GCVE https://discourse.ossbase.org/c/gcve/14

#opensource #discourse