build: update dependencies to resolve security vulnerabilities

Resolves 4 of 5 Dependabot security alerts:
- openssl 0.10.68 → 0.10.76 (2x medium: use-after-free)
- idna 0.5.0 → 1.1.0 (medium: Punycode label validation)
- hashbrown 0.15.0 → 0.15.5 (high: non-canonical Borsh serialization)

Remaining: lru 0.12.5 (low severity, blocked by ratatui pinning ^0.12)

Author: realfresh