On May 11, 2026, a coordinated attack on the supply chain compromised over 170 npm packages and 2 PyPI packages, resulting in a total of 404 malicious versions. The attacker targeted the entire TanStack router ecosystem (42 packages), Mistral AI’s SDK suite (on both npm and PyPI), UiPath’s automation tooling (65 packages), OpenSearch (1.3 million weekly npm downloads) and Guardrails AI (PyPI). This is one of the biggest coordinated registry poisoning events we’ve seen in 2026, and it’s the first time both npm and PyPI have been affected in a single campaign.
Read More Hacks Tutorial Server Bun NPM
Welcome to Hot Web Dev April 2026 featuring the latest in web development This month we focus on WebMCP (Web Models Context Protocol) as an in-browser collaboration interface, and the role of AI assistants within the browser. We have a gamified way of learning SQL and the tool of the month is an open source AI goody.
After 17 years building with WordPress, I made a deliberate leap to GravCMS—a fast, flexible flat-file CMS with no database. The decision wasn’t quick, but it was driven by a need for speed, simplicity, and cleaner maintenance. Grav uses Twig templates, Markdown content, and YAML front matter, delivering a streamlined workflow, built-in caching, and retina-friendly media handling. This post breaks down why I migrated from WordPress to GravCMS, what I miss about WordPress, and whether the switch was worth it.
As a student you need to progress through the academic year with your sanity in check. By setting out good habits at the start you can improve your productivity by 10x. Here are my handpicked software for students who who are about to start studying. You will find 15+ productivity tools for students to help achieve academic success.
If you have been following the monthly Hot Web Dev magazine, you will find at the end of each edition, I recommend a tool of the month. Over the years, the tools used have varied from open-source apps and JavaScript UI frameworks to server tools, AI, CSS, desktop, and web applications. Here’s a list of the tools from 2025, along with updates on new features and development.