A modern, native desktop security news aggregator built entirely in Python. Aggregates feeds from CISA, Krebs on Security, The Hacker News, BleepingComputer, NVD CVEs, and more — all in a single app with a clean dark UI.
Vibe coded end-to-end using Claude Code — from architecture and framework selection through to UI polish, dark mode theming, and build tooling. No HTML or JavaScript was written by hand.
Add screenshots here
- 8 security news sources aggregated concurrently
- CISA Advisories, Krebs on Security, Schneier on Security
- The Hacker News, BleepingComputer, Dark Reading
- Hacker News (security-tagged stories via Algolia API)
- NVD CVEs (NIST National Vulnerability Database, REST API v2)
- CVE severity badges — CRITICAL / HIGH / MEDIUM / LOW with CVSS scores
- Per-source focus mode — click the focus icon in the sidebar to solo a single feed
- Article preview — hover tooltip shows full feed description without opening the article
- In-app site preview — open any article in an embedded browser dialog
- Read / unread tracking — persisted across sessions
- Bookmarks
- Full-text search across all loaded articles
- Gruvbox dark mode (default) with light mode toggle
- Auto-refresh (configurable interval, default 1 hour)
- Native OS window — not a browser tab, not Electron
| Layer | Technology |
|---|---|
| UI framework | NiceGUI — pure Python UI |
| Desktop window | PyWebView via native=True |
| HTTP client | httpx (async) |
| RSS/Atom parsing | feedparser |
| HTML stripping | BeautifulSoup4 |
| Packaging | PyInstaller via nicegui-pack |
| Package manager | uv — fast Python package manager |
Requirements: Python 3.10+, uv
git clone https://github.com/your-username/security-news.git
cd secnews
uv sync --extra dev
# Linux only — required Qt system library
sudo apt install libxcb-cursor0uv run python main.pyAll tuneable constants live in security_news/config.py:
| Constant | Default | Description |
|---|---|---|
DEFAULT_FETCH_INTERVAL |
3600 |
Seconds between auto-refreshes |
MAX_ARTICLES_PER_SOURCE |
10 |
Max articles fetched per source |
WINDOW_SIZE |
(1280, 800) |
Initial window dimensions |
To add or remove sources, edit the SOURCES list in config.py.
Binaries must be built on the target platform (no cross-compilation).
Local build:
uv run python build.py # → dist/SecNews/ (directory bundle)
uv run python build.py --onefile # → dist/SecNews (single executable)CI/CD — all three platforms via GitHub Actions:
Push a version tag to trigger automated builds for Linux, Windows, and macOS. Binaries are attached to a GitHub Release automatically.
git tag v1.0.0
git push --tagsSee .github/workflows/build.yml.
| Platform | WebView engine | Notes |
|---|---|---|
| Linux | PyQt6-WebEngine (bundled) | Requires libxcb-cursor0 on the host |
| Windows | WebView2 / Edge | Pre-installed on Windows 10/11 |
| macOS | WKWebView (built-in) | No extra dependencies |
secnews/
├── config.py # Sources, constants, tuneables
├── models.py # Article + SourceConfig dataclasses
├── store.py # In-memory article store, persistence
├── app.py # NiceGUI page, filter state, fetch orchestration
├── fetchers/
│ ├── rss.py # RSS/Atom fetcher (async httpx + feedparser)
│ ├── hackernews.py # Hacker News via Algolia API
│ ├── nvd.py # NVD CVE REST API v2
│ └── fetch.py # Concurrent fetch_all() via asyncio.gather
└── ui/
├── header.py # App bar: search, refresh, dark mode toggle
├── sidebar.py # Source list with focus toggle, filters
├── article_list.py # Refreshable article grid
├── article_card.py # Card with preview tooltip + inline actions
├── article_detail.py # Full-article dialog
└── status_bar.py # Footer: last updated, article count
This project was vibe coded from scratch using Claude Code — Anthropic's agentic CLI tool for software engineering.
The entire development session was a conversation: describing what was wanted, reviewing what was built, and iterating. Claude Code handled:
- Framework research and selection (NiceGUI vs PyWebView vs Flet vs Eel)
- Project architecture and file structure
- All Python code — fetchers, data models, store, UI components
- Debugging runtime errors (datetime timezone issues, NiceGUI refreshable patterns, Qt platform plugin errors)
- Dark mode theming (Gruvbox palette via custom Quasar CSS overrides)
- UI polish — Inter font, card animations, custom scrollbars, hover states
- Build tooling —
nicegui-packwrapper and GitHub Actions workflow
No HTML, CSS, or JavaScript was written by hand. The frontend is entirely expressed in Python via NiceGUI's component API.
MIT