AI Threat Alert AI Threat Alert

Attributions

Last updated: April 7, 2026

AI Threat Intelligence aggregates vulnerability data, AI-specific threat intelligence, package metadata, and research signals from a number of public and community sources. This page acknowledges those sources in accordance with their respective licenses and terms of use.

We are grateful to the maintainers, researchers, and government agencies whose work makes this product possible.

Vulnerability Data

NVD (National Vulnerability Database) U.S. Government Work — Public Domain
This product uses the NVD API but is not endorsed or certified by the NVD.
GitHub Security Advisory Database CC-BY 4.0
Vulnerability data from the GitHub Advisory Database, licensed under CC-BY 4.0 (https://creativecommons.org/licenses/by/4.0/).
CISA Known Exploited Vulnerabilities (KEV) Catalog CC0 1.0 Universal (Public Domain)
Includes data from the CISA Known Exploited Vulnerabilities (KEV) Catalog. Not endorsed by CISA or DHS.
OSV.dev Mixed (per upstream record)
Vulnerability data aggregated from OSV.dev. Individual records remain under their upstream licenses.
CISA Vulnrichment CC0 1.0 Universal (Public Domain)
Includes vulnerability enrichment data from CISA Vulnrichment, dedicated to the public domain under CC0 1.0. Not endorsed by CISA or DHS.
trickest/cve MIT License
PoC index data from trickest/cve (https://github.com/trickest/cve), © 2022 Trickest, MIT License.
EPSS — Exploit Prediction Scoring System (FIRST.org) Proprietary (FIRST.org Terms)
EPSS scores from the Exploit Prediction Scoring System (https://www.first.org/epss). Citation: Jacobs, J., Romanosky, S., Edwards, B., Roytman, M., Adjeril, I. (2021).
Nuclei Templates (ProjectDiscovery) MIT License
Detection templates from Nuclei Templates (https://github.com/projectdiscovery/nuclei-templates) by ProjectDiscovery, © 2025 ProjectDiscovery, Inc., MIT License.

AI Threat Intelligence

MITRE ATLAS Apache 2.0 + MITRE supplemental terms
ATLAS data reproduced with permission. © The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation. Licensed under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0).

Package Metadata

GitHub REST API GitHub Terms of Service
Repository metadata sourced from the GitHub REST API. © GitHub, Inc.
OpenSSF Scorecard Apache 2.0
Repository security scores from OpenSSF Scorecard (https://securityscorecards.dev/), © OpenSSF Scorecard Authors, licensed under Apache 2.0 (https://www.apache.org/licenses/LICENSE-2.0).
deps.dev (Google) Apache 2.0 (code) + CC-BY 4.0 (data)
Package dependency data from deps.dev (https://deps.dev/), © Google LLC, licensed under CC-BY 4.0 (https://creativecommons.org/licenses/by/4.0/).
PyPI Download Stats (pypistats.org) Apache 2.0
Python package download statistics from pypistats.org, licensed under Apache 2.0.
npm Download Stats npm Open-Source Terms
JavaScript package download statistics from the npm registry API, used under the npm Open-Source Terms.

Research & News

arxiv.org CC0 1.0 (metadata only)
Paper metadata from arxiv.org (https://arxiv.org/) under CC0 1.0. Full-text PDFs are not redistributed; users are linked back to arxiv.org for full content.
RSS feeds — security news publishers (30 sources) Per-publisher / Fair Use

AI Threat Intelligence ingests headlines, publication dates and short factual excerpts from approximately 30 security news publishers via their public RSS feeds. We store and display only minimal metadata (title, URL, publisher name, date and a brief excerpt) and always link back to the original article. We do not re-host article content, images or full text.

All individual news items remain the copyright of their respective publishers. Use of this material is made under the fair use doctrine (17 U.S.C. § 107) in the United States and the "very short extracts" exemption of Article 15 of the EU DSM Directive (2019/790) in the European Union.

Per-item attribution is shown alongside every news entry as: "Source: [Publisher Name] — Published YYYY-MM-DD. © original publisher."

Takedown & Copyright Requests

If you are a publisher, rights holder or maintainer of any of the sources listed above and would like content removed, attribution corrected, or have any other copyright concern, please contact us. We respond to legitimate takedown requests within five business days.

AI Threat Intelligence

Email: legal@aithreatalert.com

Please include the URL(s) of the content in question, the source you represent, and the action you are requesting (removal, correction, or additional attribution).

Trademarks

All trademarks, service marks, trade names and product names referenced on this page or elsewhere on AI Threat Intelligence are the property of their respective owners. Reference to any third-party name, mark or product does not imply endorsement, sponsorship or affiliation, and is made solely for the purpose of identification and attribution.