GitHub

One command to explain your Python environment, trace imports, and detect shadows.

Note: uvx pywho is not recommended — it runs inside uv's ephemeral sandbox, so the output reflects that temporary environment instead of your actual project. Always install pywho into the environment ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

NetKnights releases privacyIDEA 3.13 with enhanced passkey functionality and new web interface

The IT security company NetKnights has released version 3.13 of its multi-factor authentication software, privacyIDEA ...

Truelist Launches Free, Open-Source Developer Tools for Email Validation

Truelist releases 20+ free, open-source SDKs and framework integrations for email validation — Node, Python, React, ...
GitHub

developmentseed/action-python-security-auditing

Running bandit and pip-audit directly — or using the official focused actions (PyCQA/bandit-action and pypa/gh-action-pip-audit) — is a reasonable and common approach. Those tools and actions are fine ...