DeviceDoor: a public npm package shipping a Microsoft 365 device-code phishing and bulk-mail framework
OWASP Global AppSec EU 2026 Vienna: Key Takeaways on Secure Software Supply Chain, MCP Security, and the AI-BOM
Attacks Analysis Axios npm Compromise: What Happened, Who Is Affected, and How to Prevent It April 16, 2026
Attacks Analysis LiteLLM Supply Chain Attack: How TeamPCP Backdoored AI Infrastructure March 26, 2026