WordPress 7.0, NPM Security, JavaScript - May 2026

On May 11th, 2026, a coordinated attack on the supply chain compromised over 170 npm packages and 2 PyPI packages. Given that millions of packages are downloaded daily from the NPM registry by both individuals and businesses, there are ways to protect your development environment from becoming a target. Surprisingly, not all package managers have this feature set by default. This handy guide will help you enable this feature in your development environment.

Welcome to Hot Web Dev April 2026 featuring the latest in web development This month we focus on WebMCP (Web Models Context Protocol) as an in-browser collaboration interface, and the role of AI assistants within the browser. We have a gamified way of learning SQL and the tool of the month is an open source AI goody.

After 17 years building with WordPress, I made a deliberate leap to GravCMS—a fast, flexible flat-file CMS with no database. The decision wasn’t quick, but it was driven by a need for speed, simplicity, and cleaner maintenance. Grav uses Twig templates, Markdown content, and YAML front matter, delivering a streamlined workflow, built-in caching, and retina-friendly media handling. This post breaks down why I migrated from WordPress to GravCMS, what I miss about WordPress, and whether the switch was worth it.

As a student you need to progress through the academic year with your sanity in check. By setting out good habits at the start you can improve your productivity by 10x.  Here are my handpicked software for students who who are about to start studying. You will find 15+ productivity tools for students to help achieve academic success.