BleedWatch
00 // INTEL / SEARCH

Search BleedWatch Intel.

Search by CVE, package name, hash, advisory ID, malware family, IOC, workflow pattern, or supply-chain keyword across the public intel surface.

RECENT SEARCHES

01 // QUICK LINKS

Start with a known research path.

These example searches show the intended query grammar and the kind of record families exposed publicly.

Public index

All advisories last 7 days

type:advisory published:7d

Recent public advisory records with severity, affected ecosystems, and remediation status.

Malware family related to typosquats

type:malware tag:typosquat

Malware notes where public packages or registry artifacts indicate typosquat distribution.

Critical advisories in NPM ecosystem

ecosystem:npm severity:critical

Critical NPM advisories, package names, first-seen timestamps, and safe remediation links.

Recently flagged packages

type:package flagged:7d

Packages recently marked as suspicious, malicious, abandoned, or impersonation candidates.

Hash matches dark web list

hash:* source:credential-dump

Publicly searchable hash indicators matched against sanitized leak and credential-dump metadata.

Supply-chain compromise patterns

tag:supply-chain pattern:*

Patterns involving postinstall scripts, artifact drift, maintainer takeover, and dependency confusion.

MCP-related findings

tag:mcp exposure:tool

Public notes involving MCP servers, tool permissions, agent execution, or exposed integration posture.

AI agent injection vectors

tag:agent-injection

Prompt-injection, tool-use escalation, workflow poisoning, and agent permission graph records.

No query active
02 // EMPTY STATE

Type to search across the public intel surface.

Records sync from app.bleedwatch.com after review and publication. Public intel includes advisories, malware notes, package metadata, IOCs, and selected exposure patterns.

Stable identifiers

Use a CVE, BVA advisory ID, package name, malware family, workflow pattern, or hash when you have one.

Public records only

Customer-specific evidence stays inside app.bleedwatch.com. This surface contains public intel and sanitized records.

Synced from production

Records sync from the authenticated dashboard after review, normalization, redaction, and publication approval.

PROGRAMMATIC ACCESS

Use the public search API.

Programmatic access is available at the public API endpoint. Authentication, result limits, pagination, and bulk export are documented separately.

GET https://api.bleedwatch.com/v1/intel/search?q=CVE-2024-31497See /docs
03 // NEXT STEPS

Need intel inside your tools?

Teams can integrate public intel into ticketing, SIEM, CI, package review, or agent-security workflows. Enterprise customers can also connect private findings from the authenticated dashboard.

Explore modulesExplore advisories