After the recent Rails issue we added a PagerDuty service which is subscribed to django-announcements. When it gets a message from the list it filters the subject for "security" and alerts the on-call engineer who can evaluate the severity (as it applies to us).