Welcome to Hot Web Dev September 2025, featuring the latest technology, web development news and articles. This edition covers NPM supply chain attacks and their potential impact on our apps. Learning resources include a comprehensive full-stack curriculum available for free. Additionally, the tool of the month is a tweaking tool for Windows designed to enhance the user interface.
Table of contents
NPM is great for development, but what happens when a dependency is affected by malware? This can lead to a chain of events that affects your app by simply running npm update.
On 8 September 2025, a supply chain attack targeted 18 npm packages, including debug and chalk, affecting millions of developers. The attackers impersonated npm support, gaining access to a maintainer’s account and publishing malicious updates containing a crypto-stealer.
The malware targets cryptocurrency wallets by injecting itself into browsers, intercepting web traffic, and rewriting transaction targets. It evades detection by minimising its footprint and remaining silent until a transaction is ready to be signed.
The community detected suspicious activity in open-source packages and reported it on GitHub. The original maintainer confirmed the account compromise and worked with npm to revert the changes and secure the account.
Supply chain attacks compromise a single, trusted source in the software development process, such as a package maintainer’s account, to inject malicious code into numerous applications. This method exploits the trust placed in the open-source ecosystem, resulting in widespread impact.
Source
I’m an avid follower of FreeCodeCamp and often share interesting resources with you. In September, they announced a new full-stack certification that will take approximately 1800 hours to complete.FreeCodeCamp is breaking down the Full Stack Development curriculum into smaller certifications, allowing learners to earn them progressively towards the Certified Full Stack Developer capstone certification.
Each new certification, requiring around 300 hours of coursework, includes Responsive Web Design, JavaScript Algorithms and Data Structures, Frontend Libraries, Python Programming, Relational Databases, and Backend Development and APIs.The new certification programme will be free and verified, with exams available through a desktop app.
Software development has evolved significantly over time, and modern developers now have access to sophisticated tools and environments. A historical exploration reveals the stark contrast between past and present practices.
Google Chrome turned 17 years old in September. At the time, Internet Explorer reigned supreme after dominating the browser market share due to being the most used OS and being pre-installed on Windows. Developers using the Firebug extension gained a deeper understanding of the Document Object Model (DOM), which sped up website development. Chrome quickly gained popularity, introducing built-in developer tools and security features, such as running each tab as its own process. As a result, Chrome now reigns supreme compared to its alternatives.
This month’s feature tool is a powerhouse for tweaking Windows 11. If you don’t like Windows’ default look, Windhawk may be a solution that meets your needs. Once installed, you can enable whichever mod you wish without the abundance of options available from the outset. For example, if you don’t like the current taskbar, you can find a mod that displays it like a dock, move the taskbar to the side or top or even change the size. Mods can be filtered and sorted by the most popular and the highly downloaded. Windhawk is designed for stability and performance, running in the background without impacting the system. It is user-friendly, allowing for easy installation and customisation of sophisticated mods.
Welcome to Hot Web Dev October 2025, featuring the latest technology, web development news and… Read More
Welcome to Hot Web Dev August 2025, featuring the latest technology, web development news and… Read More
Welcome to Hot Web Dev July 2025, featuring the latest technology, web development news and… Read More
Welcome to Hot Web Dev June 2025, featuring the latest technology, web development news and… Read More
If you have been following the monthly Hot Web Dev magazine, you will find at… Read More
Welcome to Hot Web Dev May 2025, featuring the latest technology, web development news and… Read More