threatcode
diff --git a/‎.env_template‎
Lines changed: 1 addition & 1 deletion b/‎.env_template‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/actions/python_requirements/restore_virtualenv/action.yml‎
Lines changed: 4 additions & 1 deletion b/‎.github/actions/python_requirements/restore_virtualenv/action.yml‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎.github/actions/python_requirements/save_virtualenv/action.yml‎
Lines changed: 4 additions & 1 deletion b/‎.github/actions/python_requirements/save_virtualenv/action.yml‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎.github/workflows/_python.yml‎
Lines changed: 4 additions & 0 deletions b/‎.github/workflows/_python.yml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎.github/workflows/create_python_cache.yaml‎
Lines changed: 3 additions & 1 deletion b/‎.github/workflows/create_python_cache.yaml‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎.gitignore‎
Lines changed: 7 additions & 0 deletions b/‎.gitignore‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎api/urls.py‎
Lines changed: 2 additions & 0 deletions b/‎api/urls.py‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎api/views/__init__.py‎
Lines changed: 1 addition & 0 deletions b/‎api/views/__init__.py‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎api/views/news.py‎
Lines changed: 20 additions & 0 deletions b/‎api/views/news.py‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎api/views/utils.py‎
Lines changed: 58 additions & 0 deletions b/‎api/views/utils.py‎
Lines changed: 58 additions & 0 deletions
@@ -13,4 +13,4 @@ COMPOSE_FILE=docker/default.yml:docker/local.override.yml
 #COMPOSE_FILE=docker/default.yml:docker/local.override.yml:docker/elasticsearch.yml
 
 # If you want to run a specific version, populate this
-# REACT_APP_INTELOWL_VERSION="3.0.1"
+# REACT_APP_INTELOWL_VERSION="3.1.0"
@@ -12,6 +12,9 @@ inputs:
     description: A git reference (name of the branch, reference to the PR) that will be used to build the cache key.
     required: false
     default: ${{ github.ref_name }}
+  python_version:
+    description: Python version string to include in the cache key, preventing cross-version cache collisions.
+    required: true
 
 outputs:
   cache-hit:
@@ -32,7 +35,7 @@ runs:
       uses: actions/cache/restore@v4
       with:
         path: ${{ inputs.virtual_environment_path }}
-        key: ${{ inputs.git_reference }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
+        key: ${{ inputs.git_reference }}-py${{ inputs.python_version }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
 
     - name: Activate restored virtual environment
       if: >
 
@@ -12,6 +12,9 @@ inputs:
     description: A git reference (name of the branch, reference to the PR) that will be used to build the cache key.
     required: false
     default: ${{ github.ref_name }}
+  python_version:
+    description: Python version string to include in the cache key, preventing cross-version cache collisions.
+    required: true
 
 runs:
   using: "composite"
@@ -26,4 +29,4 @@ runs:
       uses: actions/cache/save@v4
       with:
         path: ${{ inputs.virtual_environment_path }}
-        key: ${{ inputs.git_reference }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
+        key: ${{ inputs.git_reference }}-py${{ inputs.python_version }}-venv-${{ steps.compute_requirements_files_sha256_hash.outputs.computed_hash }}
@@ -261,6 +261,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Set up Python
+        id: setup_python
         uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python_version }}
@@ -343,6 +344,7 @@ jobs:
         uses: ./.github/actions/python_requirements/restore_virtualenv/
         with:
           requirements_paths: "${{ inputs.requirements_path }} requirements-linters.txt requirements-dev.txt requirements-docs.txt"
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Restore Python virtual environment related to target branch
         id: restore_python_virtual_environment_target_branch
@@ -351,6 +353,7 @@ jobs:
         with:
           requirements_paths: ${{ inputs.requirements_path }}
           git_reference: ${{ github.base_ref }}
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Create Python virtual environment
         if: >
@@ -423,6 +426,7 @@ jobs:
         uses: ./.github/actions/python_requirements/save_virtualenv
         with:
           requirements_paths: "${{ inputs.requirements_path }} requirements-linters.txt requirements-dev.txt requirements-docs.txt"
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
       - name: Save pip cache related to PR event
         if: >
 
@@ -33,9 +33,10 @@ jobs:
       #        sudo apt-get update && sudo apt install <package1> <package2>...
 
       - name: Set up Python
+        id: setup_python
         uses: actions/setup-python@v5
         with:
-          python-version: "3.12"
+          python-version: "3.13"
 
       - name: Set up Python virtual environment
         uses: ./.github/actions/python_requirements/create_virtualenv
@@ -52,4 +53,5 @@ jobs:
         uses: ./.github/actions/python_requirements/save_virtualenv
         with:
           requirements_paths: .github/test/python_test/requirements.txt
+          python_version: ${{ steps.setup_python.outputs.python-version }}
 
@@ -2,9 +2,14 @@ venv/
 docs/build
 docker/env_file
 docker/env_file_postgres
+docker/env_file.backup.*
+docker/env_file_postgres.backup.*
 .env
+.env.backup.*
 __pycache__/
 mlmodels/
+# Backups created by gbctl
+backups/
 # JetBrains IDEs (PyCharm, IntelliJ, etc.)
 .idea/
 # Ruff cache
@@ -16,3 +21,5 @@ coverage.xml
 *.cover
 .coverage.*
 
+# gbctl configuration file
+.gbctl.conf
@@ -13,6 +13,7 @@
     feeds_asn,
     feeds_pagination,
     general_honeypot_list,
+    news_view,
 )
 
 # Routers provide an easy way of automatically determining the URL conf.
@@ -29,6 +30,7 @@
     path("cowrie_session", cowrie_session_view),
     path("command_sequence", command_sequence_view),
     path("general_honeypot", general_honeypot_list),
+    path("news/", news_view),
     # router viewsets
     path("", include(router.urls)),
     # certego_saas:
 
@@ -3,4 +3,5 @@
 from api.views.enrichment import *
 from api.views.feeds import *
 from api.views.general_honeypot import *
+from api.views.news import *
 from api.views.statistics import *
@@ -0,0 +1,20 @@
+from rest_framework.decorators import api_view
+from rest_framework.response import Response
+
+from api.views.utils import get_greedybear_news
+
+
+@api_view(["GET"])
+def news_view(request):
+    """
+    Fetch GreedyBear blog posts from an RSS feed.
+
+    Filters for posts with "GreedyBear" in the title, truncates long summaries,
+    sorts by newest first, and caches results to improve performance.
+
+    Returns:
+        List[dict]: Each dict contains title, date, link, and subtext.
+        Returns an empty list if no relevant posts are found or feed fails.
+    """
+    news_list = get_greedybear_news()
+    return Response(news_list)
@@ -6,14 +6,18 @@
 from datetime import datetime, timedelta
 from ipaddress import ip_address
 
+import feedparser
+import requests
 from django.conf import settings
 from django.contrib.postgres.aggregates import ArrayAgg
+from django.core.cache import cache
 from django.db.models import Count, F, Max, Min, Sum
 from django.http import HttpResponse, HttpResponseBadRequest, StreamingHttpResponse
 from rest_framework import status
 from rest_framework.response import Response
 
 from api.serializers import FeedsRequestSerializer
+from greedybear.consts import CACHE_KEY_GREEDYBEAR_NEWS, CACHE_TIMEOUT_SECONDS, RSS_FEED_URL
 from greedybear.models import IOC, GeneralHoneypot, Statistics
 
 logger = logging.getLogger(__name__)
@@ -401,3 +405,57 @@ def asn_aggregated_queryset(iocs_qs, request, feed_params):
         result.append(row_dict)
 
     return result
+
+
+def get_greedybear_news() -> list[dict]:
+    """
+    Fetch GreedyBear-related blog posts from the IntelOwl RSS feed.
+
+    Returns:
+        List of dicts with keys: title, date, link, subtext
+        Sorted newest first, or empty list on failure.
+    """
+    cached = cache.get(CACHE_KEY_GREEDYBEAR_NEWS)
+    if cached is not None:
+        return cached
+
+    try:
+        response = requests.get(RSS_FEED_URL, timeout=5)
+        response.raise_for_status()
+        feed = feedparser.parse(response.content)
+
+        filtered_entries = sorted(
+            [entry for entry in feed.entries if "greedybear" in entry.get("title", "").lower() and entry.get("published_parsed")],
+            key=lambda e: e.published_parsed,
+            reverse=True,
+        )
+
+        news_items: list[dict] = []
+        for entry in filtered_entries:
+            summary = entry.get("summary", "").strip().replace("\n", " ")
+
+            subtext = summary[:180].rsplit(" ", 1)[0] + "..." if len(summary) > 180 else summary
+
+            news_items.append(
+                {
+                    "title": entry.get("title"),
+                    "date": entry.get("published"),
+                    "link": entry.get("link"),
+                    "subtext": subtext,
+                }
+            )
+
+        cache.set(
+            CACHE_KEY_GREEDYBEAR_NEWS,
+            news_items,
+            CACHE_TIMEOUT_SECONDS,
+        )
+
+        return news_items
+
+    except Exception as exc:
+        logger.error(
+            "Failed to fetch GreedyBear news from RSS feed",
+            exc_info=exc,
+        )
+        return []