DeviceDoor: a public npm package shipping a Microsoft 365 device-code phishing and bulk-mail framework
OWASP Global AppSec EU 2026 Vienna: Key Takeaways on Secure Software Supply Chain, MCP Security, and the AI-BOM
Open-Source Security 7 Best Practices for Disclosing Open Source Components to Customers July 18, 2025