Sources — thrunt.me

Every signal published on thrunt.me originates with one of the feeds below. License terms and attribution are tracked per source. Last-success and last-check timestamps are read from the live pipeline state; when a feed has not succeeded in 48 hours its status flips to stale and the next brief carries a visible notice.

Source	Status	Last success	License
abuse.ch URLhaus (malicious URL IOCs) `urlhaus` · attribution: abuse.ch URLhaus	healthy	`2026-06-09 03:45:00 UTC`	CC0 with attribution requested
CISA Known Exploited Vulnerabilities Catalog `cisa-kev` · attribution: CISA	healthy	`2026-06-09 03:44:59 UTC`	Public domain (U.S. Government)
FIRST.org Exploit Prediction Scoring System (EPSS) `epss` · attribution: FIRST.org EPSS	healthy	`2026-06-09 03:46:02 UTC`	Per FIRST.org Terms of Use
GitHub Security Advisories (reviewed) `ghsa` · attribution: GitHub Advisory Database	healthy	`2026-06-09 03:45:02 UTC`	Per GitHub Terms of Use
MITRE ATT&CK Enterprise `attck` · attribution: MITRE ATT&CK	healthy	`2026-06-09 03:44:59 UTC`	CC BY 4.0
NIST National Vulnerability Database (CVEs) `nvd` · attribution: NIST NVD	healthy	`2026-06-09 03:47:02 UTC`	Public domain (NIST)
ransomware.live (victim postings) `ransomware-live` · attribution: ransomware.live	healthy	`2026-06-09 03:45:01 UTC`	Per ransomware.live Terms of Use
SEC EDGAR — Form 8-K Item 1.05 (Material Cybersecurity Incidents) `sec-8k-105` · attribution: SEC EDGAR full-text search	healthy	`2026-06-09 03:49:30 UTC`	Public domain (U.S. Government)

Snapshot generated at build time. The live pipeline state is the canonical timestamp; this page reflects it as of the most recent deploy.