DeviceDoor: a public npm package shipping a Microsoft 365 device-code phishing and bulk-mail framework
OWASP Global AppSec EU 2026 Vienna: Key Takeaways on Secure Software Supply Chain, MCP Security, and the AI-BOM
Secrets Security Dosfuscation: The Hidden Denial-of-Service Threat in Your Dependencies August 1, 2025
Secrets Security How Attackers Use Crackhash for Password Cracking, And How to Stop Them July 31, 2025
CI CD Security What Happens When You Don’t Lock Object Access? Hello, IDOR Vulnerability July 30, 2025