🎁 Here’s a little end-of-year gift backed with Sightings from Vulnerability-Lookup ! A small step into 2026.
The year is almost over, so we’ve wrapped up a fresh Sightings Forecast — looking at how sightings evolve across social platforms, code repositories, and structured feeds. All monitored through our tools[1] and enriched by our fantastic community[2].
👉 Read the full report:
https://www.vulnerability-lookup.org/2025/12/02/end-of-year-threat-intelligence-sightings-forecast/
The goal: track how sightings evolve over time and provide an adaptive short-term forecast for several key sources monitored by Vulnerability-Lookup.
Our methodology combines weekly historical trends with daily adaptive models. Depending on the underlying slope, we apply either a Logistic Growth model (for rising trends) or an Exponential Decay model (for declining activity).
🔍 Key takeaways
Social platforms like the Fediverse and Bluesky show highly event-driven, volatile patterns, reflecting real-time community discussions.
Structured sources such as MISP Projec, The Shadowserver Foundation, and Nuclei offer more stable and reliable signals, ideal for validated intelligence.
Early detection: Social sources provide fast but noisy signals. Not to ignore.
Reliability: Structured intelligence confirms and contextualizes threats.
Better planning: Adaptive forecasting enables informed prioritization and workload management.
Balanced visibility: Combining heterogeneous sources gives stronger situational awareness.
📚 References
- [1] Automation tools: https://www.vulnerability-lookup.org/user-manual/sightings/#automation-tools
- [2] Be part of the community: https://vulnerability.circl.lu/user/signup
- Daily dumps: https://vulnerability.circl.lu/dumps/
- Forecasting project: https://github.com/vulnerability-lookup/TARDISsight
💶🇪🇺 Funding
This work is part of the EU-funded FETTA initiative, strengthening cross-European collaboration on threat intelligence.