Lightnews — Scholar-powered news

Maikel Mardjan

@nocomplexity.bsky.social

#Threatmodelling is identifying and analysing potential security threats and vulnerabilities in a system, application, or network.

To mitigate potential security risks with a balanced budget, security threat modelling is critical.
Use the (free) SAST for #Python nocomplexity.com/codeaudit/

#owasp

November 25, 2025 at 5:44 PM

Maikel Mardjan

@nocomplexity.bsky.social

Every Python package that is able to dynamically load code is suspicious by default! Use github.com/nocomplexity... to check what happens.

#pycon #python #owasp #infosec #appsec #programming #sast

November 24, 2025 at 7:31 PM

Maikel Mardjan

@nocomplexity.bsky.social

Is DySec the Future for securing the Python package repository?

Check: nocomplexity.com/dysec-pypi-s...

#pycon #owasp #cybersecurity #infosec #programming #pypi #python

November 18, 2025 at 9:17 PM

Maikel Mardjan

@nocomplexity.bsky.social

#Radical #Open Innovation News:
The #PyPSA meets Earth initiative works on open modelling.

Check www.bm-support.org/roi-news-wee...
for all #innovation news bites.

#cop30 #greenenergy #python #openness #roi

November 14, 2025 at 4:18 PM

Maikel Mardjan

@nocomplexity.bsky.social

In today’s world, security remains a critical concern.
Python Secure Coding Guidelines are for anyone who wants to create #Python programs that are secure by design.

Check: nocomplexity.com/python-secur...

#pycon #appsec #owasp #programming #ai #free #checklist

October 28, 2025 at 5:47 PM

Maikel Mardjan

@nocomplexity.bsky.social

Voorkom Cyber Security incidenten. Simpel en effectief.

Python Code Audit is de #1 open source oplossing om kwetsbaarheden in #Python programma’s te vinden.

organisatieontwerp.nl/codeaudit/

#informatiebeveiliging #python #appsec #cybersecurity

October 25, 2025 at 5:16 PM

Maikel Mardjan

@nocomplexity.bsky.social

The quality of modern #Python software relies heavily on the effective use of static code analysis tools.
Never trust, always verify!
So use the #FOSS #SAST #tool #Python #Code Audit - github.com/nocomplexity...

#pythonbrasil #hw_ioNL2025 #appsec #owasp #pycon #PyTorchCon #infosec

October 20, 2025 at 6:17 PM

Maikel Mardjan

@nocomplexity.bsky.social

#Python #Code Audit includes the most comprehensive collection of #security rules for verifying secure use of Python Standard Library functions.

#free #free #free to use, it’s #oss #GPLisBack

Never #trust #python #modules, #verify #it
github.com/nocomplexity...

#PyCon #owasp

October 11, 2025 at 8:38 PM

Maikel Mardjan

@nocomplexity.bsky.social

#Python Under Fire: Hidden #Security Risks

Spot vulnerabilities with Python Code Audit, a SAST tool that makes securing your #Python #code easy and effective.
See nocomplexity.com/python-secur...

#BHEU #appsec #owasp #infosec #Pycon #TallinnDigitalSummit #PyConAfrica #UDallas #SREcon25

October 9, 2025 at 7:38 PM

Maikel Mardjan

@nocomplexity.bsky.social

#Static Application #Security #Testing (#SAST) is a security methodology that analyzes an application’s source code and artifacts (designs).

Advantage of SAST for #Python is automation. But do not fall for the #AI hype. nocomplexity.com/ai-sast-scan...

#owasp #appsec #infosec #ml #eff #foss #gpl

October 7, 2025 at 4:05 PM

Maikel Mardjan

@nocomplexity.bsky.social

Goodbye Bandit, Hello Python Code Audit

nocomplexity.com/stop-using-b...

Stop Relying on Bandit->There’s a Better Way!

#pythonprogramming #infosec #owasp #python #cybersecurty #appsec #auditnow #PyTorch #ai #openai #ml #Grok #fsf #gpl #RiseAndFall

October 1, 2025 at 5:58 PM

Maikel Mardjan

@nocomplexity.bsky.social

SAST: The Secret to #Secure Python #Apps

nocomplexity.substack.com/p/sast-the-s...

Python Code Audit - nocomplexity.com/codeaudit/ application security testing (#SAST) tool #designed for #Python programs.

#infosec #vulnerability #CyberSecurity #appsec #owasp
#oss #ossf #fsfe #gpl

September 30, 2025 at 6:59 PM

Maikel Mardjan

@nocomplexity.bsky.social

#python dynamic imports are a potential #security issues. Use: importlib.import_module() This offers a better way to handle dynamic imports. Avoid using __import__

Do a #sast check on the code you use. Use the #free tool nocomplexity.com/codeaudit/
#vulnerability #infosec #owasp #ransomware

September 18, 2025 at 6:07 PM

Maikel Mardjan

@nocomplexity.bsky.social

The use of the #python marshal can give #security issues.

The marshal module is not intended to be secure against erroneous or #maliciously constructed data.
Use Python Code Audit nocomplexity.com/codeaudit/
#infosec #owasp #cyber

August 24, 2025 at 5:01 PM

Maikel Mardjan

@nocomplexity.bsky.social

#security Issues in #Python are not necessarily directly #exploitable , but detected security issues are a fertile ground for #vulnerabilities to appear.

So use python #code #audit nocomplexity.com/codeaudit/
#malware #infosec #owasp #malware #cyber

August 20, 2025 at 5:55 AM

Maikel Mardjan

@nocomplexity.bsky.social

Find security issues in #Python Python Code audit helps:

#Vulnerability #Detection: Identifies security vulnerabilities in #code, essential for package #security #research.

Inline Issue Reporting: Shows potential security issues with line numbers and code snippets.
nocomplexity.com/codeaudit/

August 13, 2025 at 5:49 AM

Maikel Mardjan

@nocomplexity.bsky.social

Using #python TarFile.extractall or TarFile.extract is #dangerous. Always.

Never use #code that extract archives from #untrusted sources!
#python #code #audit checks if you should worry.
Use a #simple tool-> nocomplexity.com/codeaudit/

#why2025 #infosec #security #hack #breach #malware

August 11, 2025 at 7:39 PM

Maikel Mardjan

@nocomplexity.bsky.social

•sys.call_tracing()
•sys.setprofile(), and
•sys.settrace()
These #python calls are powerful for #introspection. But they introduce significant #security and #safety risks if used improperly or #maliciously.

So Use nocomplexity.com/codeaudit/
#infosec #owasp

August 9, 2025 at 5:18 PM

Maikel Mardjan

@nocomplexity.bsky.social

Stop using assert in your #Python code!
Using assert is #problematic from a #security perspective.

Check: nocomplexity.com/stop-using-a...

#programming #pythonlearning #SecurityFirst #sast #cybersecuritytips #zerodayattack #Infosys #codeaudit #code #gpl #owasp #validate #sast #simple

August 6, 2025 at 5:20 PM

Maikel Mardjan

@nocomplexity.bsky.social

DO NOT rely on #SAST scanners that are powered by #AI-#agents / #LLM systems to solve your #cybersecurity problems!
Most are far from good enough.

In the best case, you’ll only be #disappointed. But the #risk of a false sense of #security is enormous.

github.com/nocomplexity...

August 5, 2025 at 6:13 PM

Maikel Mardjan

@nocomplexity.bsky.social

The #Python construct s.bind() can be dangerous from a #security perspective. It opens #network #sockets and makes your #application #vulnerable.

Use Python Codeaudit - A modern Python #code analyzer based on #distrust.
github.com/nocomplexity...

#sast #research #trust #infosec

August 3, 2025 at 12:01 PM

Maikel Mardjan

@nocomplexity.bsky.social

Creating secure software by design is not simple. Stop putting energy into #security

Every line of #python code should be #insecure. Make #hacks easy possible! #Unsecured by default.

So never use a #sast tool like Python code audit nocomplexity.com/codeaudit/

#infosec #vulnerability #owasp

August 1, 2025 at 6:06 PM