DeviceDoor: a public npm package shipping a Microsoft 365 device-code phishing and bulk-mail framework
OWASP Global AppSec EU 2026 Vienna: Key Takeaways on Secure Software Supply Chain, MCP Security, and the AI-BOM
Open-Source Security A Closer Look at Software Supply Chain Attacks 2025: PyPI & npm Campaigns Compared July 3, 2025
Code Security OWASP AppSec 2025: Key Takeaways, Auto Remediation with AI, and What’s Coming Next June 17, 2025
CI CD Security How to Detect Malware in Your CI/CD Pipeline Before It Reaches Production May 30, 2025