Available Q4 2026 Available · Q4 2026 build 1Uy1Fl
cdt 15:04:26 press / to command
// pixelworx blog

Thoughts on building software that lasts

Insights on web development, design, Laravel, the TALL stack, and building software that matters.

Featured · From the blog

Build Integrations You Can Walk Away From

A Laravel WhatsApp package hides two backends behind one interface. That design choice separates integrations you control from ones your vendor controls.

Pixelworx · Jun 30, 2026 · 6 min read
7 results in Security
A smartphone screen showing a padlock icon, representing scoped, consent-based access to an account
· 5 min read

Cloudflare Opened OAuth to Everyone. The Default Integration Credential Just Changed.

Cloudflare opened self-managed OAuth to every customer. For third-party and delegated access, the long-lived API token is no longer the right default.

Third-Party Integrations APIs Security
A developer working alone at a laptop in a dimly lit room, representing the open source maintainer left to triage a rising flood of incoming security reports by hand
· 5 min read

Anyone's AI Can Find Your Bugs Now. Triage Is the Whole Job.

An LLM can find the same security flaws a researcher would. That quietly breaks the contract software has run on for years, and changes what actually keeps your business safe.

Security AI Development Software Maintenance
Cascading lines of green code on a dark screen, representing the single undifferentiated stream of text an AI model actually reads, where instructions and untrusted data sit side by side
· 7 min read

Your AI Agent Can't Tell Who's Talking. That's Why It Gets Hijacked.

New ICML 2026 research explains why prompt injection is OWASP's #1 LLM risk and can't be patched. Here's what it means before you wire an agent into your business.

AI Development Security MCP
Hands typing on a backlit keyboard with a holographic security padlock and code overlay, representing software supply chain security and dependency auditing
· 7 min read

Laravel-Lang Got Compromised Through Git Tags. Here's What Every PHP Site Should Check Today.

On May 22, an attacker rewrote 700 existing git tags across Laravel-Lang packages instead of publishing new versions. composer.lock alone won't save you.

Security Laravel Supply Chain
Developer reviewing code on laptop screen in a dark workspace
· 6 min read

Vibe Coding Built Your Competitor's Website. Here's What They Don't Know Yet.

AI-generated websites are fast and cheap — until they expose customer data or crumble under real traffic. What business owners need to know before going all-in.

Web Development AI Security
Matrix-style code streams representing secure access
· 4 min read

Give Partners API Access Without Building an Auth System From Scratch

Laravel Sanctum lets you issue API tokens to partners and power users in hours, not weeks — opening integration channels that can become real revenue.

Laravel API Security
A padlock representing security and access control
· 4 min read

Laravel Policies: Let Clients Manage Their Own Permissions

Laravel Policies and Gates give you fine-grained authorization that reduces support load and lets clients self-manage access without calling you.

Laravel Security Authorization
Free Download

The Client Brief Template

A one-page PDF that helps you clarify your project before you talk to any developer. Covers goals, audience, scope, budget, and timeline. Fewer surprises, better outcomes.

No spam promise.

// start a conversation

Have a project ready to start?

Whether you need a full-stack application, a design refresh, or a technical partner who gets it — we'd love to hear about it.