Cyber security is a process, not a destination to arrive at. Openness and transparency build trust. Good simple cyber security solutions are open and transparent. Cyber security is a complex field. Without digital security, your privacy is at risk. Keep it simple. Keep learning.
-
Security Perspective on Python 3.14
Python 3.14, released on October 7, 2025, marks a great milestone for the Python programming language. Developing a new release for the Python language is a major challenge and very hard work for many volunteers active in the Python ecosystem. Python 3.14.0 contains many new features and optimisations compared to Python 3.13.
-
Should you use GitLab's Static application security testing (SAST) for Python?
Python security is gaining attention due to the still rising usage of Python. Python applications are not immune to common security flaws. So, security testing, especially static application security testing (SAST) on Python code, is recommended for everyone who shares code.
-
exec() in Python: Simple & smart or Career-Ending Mistake?
Python is the most widely used programming language worldwide. Its clear syntax, extensive libraries, and adaptability make it suitable for beginners, researchers, and professionals alike. But security is a growing, critical concern for Python code. AI-generated code is not secure by default, and human programmers are not security experts. A fantastic built-in function…
-
DySec: Is a Python package Actually a Hacker Trap?
Python is the most widely used programming language worldwide. Consequently, many programs, even those built on top of FOSS Python modules, are freely available on the Python Package Index (PyPI.org). Python security is gaining attention due to its rising usage. Python can be considered a secure language, yet Python applications are also susceptible to common…
-
PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python – A critical review
Reading scientific cyber security literature is crucial for continuous development and learning. Engaging with research papers often leads to new insights or a deeper perspective on a subject. The paper titled “PyPitfall: Dependency Chaos and Software Supply Chain Vulnerabilities in Python” (arXiv: 2507.18075) captured my attention. Authored in 2025 by researchers from the Computer Science…
-
Python Secure Coding Guidelines
In today’s digital world, security remains a critical concern. This applies equally to Python software. Security breaches that are possible when running untrusted Python programs are real. This checklist is intended for anyone who wants to create Python programs that are secure by design. Programming in Python is fun, but when you create programs for…
-
Avoid a Security Disaster: How to Safely Use Any Python Program
Python’s dominance as a programming language makes it a prime target for security risks. In today’s digital world, security isn’t guaranteed: a solid architecture helps, but even well-written code—including AI-generated code—is not secure by default. The guiding principle for protecting your systems is simple: never trust, always verify (Zero Trust). Since cybersecurity is inherently complex…
-
Python SAST: Managing False Positives
Python is the most widely used programming language worldwide. Its clear syntax, extensive libraries, and adaptability make it suitable for beginners, researchers, and professionals alike. From powering leading websites to driving breakthroughs in artificial intelligence and data science, Python has become a foundational technology across both academia and industry. But in today’s digital world, security…
-
Python Security: What is SAST
The rapid growth and increasing complexity of Python-based web applications and systems have made robust security testing more important than ever. Cybercriminals are constantly evolving their tactics, looking for vulnerabilities they can exploit to steal data or disrupt operations. Static Application Security Testing (SAST) is a security methodology that analyzes an application’s source code…
-
Python Code Under Fire: Hidden Security Risks
Python’s popularity and accessibility make it an attractive target for malicious actors. Its widespread presence on developer and server machines means attackers often find it readily available for misuse. A key security risk is Python’s ability to easily execute arbitrary code provided as data, which is a common mechanism in various injection and remote code…
-
Google’s CodeMender: More Dangerous Than Helpful?
Recently I noticed an interesting new announcement from Google DeepMind called “Introducing CodeMender: an AI agent for code security”. Since I am into security, this article caught my attention. A growing trend in the security tooling space is the emergence of AI-powered code auditors — tools that don’t just find vulnerabilities, but claim to fix…
-
The End of Bandit: Meet Python Code Audit
The rapid growth and increasing complexity of Python-based web applications and systems have made robust security testing more important than ever. Cybercriminals are constantly evolving their tactics, looking for vulnerabilities they can exploit to steal data or disrupt operations. Traditional security testing for Python applications is still complex, time-consuming, and expensive.
