Here’s a little end-of-year gift backed with Sightings from Vulnerability-Lookup ! A small step into 2026.
The year is almost over, so we’ve wrapped up a fresh Sightings Forecast — looking at how sightings evolve across social platforms, code repositories, and structured feeds. All monitored through our tools[1] and enriched by our fantastic community[2].
Read the full report:
The goal: track how sightings evolve over time and provide an adaptive short-term forecast for several key sources monitored by Vulnerability-Lookup.
Our methodology combines weekly historical trends with daily adaptive models. Depending on the underlying slope, we apply either a Logistic Growth model (for rising trends) or an Exponential Decay model (for declining activity).
Key takeaways
Social platforms like the Fediverse and Bluesky show highly event-driven, volatile patterns, reflecting real-time community discussions.
Structured sources such as MISP Projec, The Shadowserver Foundation, and Nuclei offer more stable and reliable signals, ideal for validated intelligence.
Early detection: Social sources provide fast but noisy signals. Not to ignore.
Reliability: Structured intelligence confirms and contextualizes threats.
Better planning: Adaptive forecasting enables informed prioritization and workload management.
Balanced visibility: Combining heterogeneous sources gives stronger situational awareness.
References
- [1] Automation tools: Sightings – Vulnerability-Lookup
- [2] Be part of the community: Signup
- Daily dumps: Vulnerability-Lookup JSON dumps
- Forecasting project: GitHub - vulnerability-lookup/TARDISsight
Funding
This work is part of the EU-funded FETTA initiative, strengthening cross-European collaboration on threat intelligence.