DeviceDoor: a public npm package shipping a Microsoft 365 device-code phishing and bulk-mail framework
OWASP Global AppSec EU 2026 Vienna: Key Takeaways on Secure Software Supply Chain, MCP Security, and the AI-BOM
Software Supply Chain Dependency Inversion Principle: Your First Line of Defense Against Supply Chain Attacks July 23, 2025