This American nuclear company could help India’s thorium dream

For just the second time in nearly two decades, the United States has granted an export license to an American company planning to sell nuclear technology to India, MIT Technology Review has learned. The decision to greenlight Clean Core Thorium Energy’s license is a major step toward closer cooperation between the two countries on atomic energy and marks a milestone in the development of thorium as an alternative to uranium for fueling nuclear reactors. 

Starting from the issuance last week, the thorium fuel produced by the Chicago-based company can be shipped to reactors in India, where it could be loaded into the cores of existing reactors. Once Clean Core receives final approval from Indian regulators, it will become one of the first American companies to sell nuclear technology to India, just as the world’s most populous nation has started relaxing strict rules that have long kept the US private sector from entering its atomic power industry. 

“This license marks a turning point, not just for Clean Core but for the US-India civil nuclear partnership,” says Mehul Shah, the company’s chief executive and founder. “It places thorium at the center of the global energy transformation.”

Thorium has long been seen as a good alternative to uranium because it’s more abundant, produces both smaller amounts of long-lived radioactive waste and fewer byproducts with centuries-long half-lives, and reduces the risk that materials from the fuel cycle will be diverted into weapons manufacturing. 

But at least some uranium fuel is needed to make thorium atoms split, making it an imperfect replacement. It’s also less well suited for use in the light-water reactors that power the vast majority of commercial nuclear plants worldwide. And in any case, the complex, highly regulated nuclear industry is extremely resistant to change.

For India, which has scant uranium reserves but abundant deposits of thorium, the latter metal has been part of a long-term strategy for reducing dependence on imported fuels. The nation started negotiating a nuclear export treaty with the US in the early 2000s, and a 123 Agreement—a special, Senate-approved treaty the US requires with another country before sending it any civilian nuclear products—was approved in 2008.

A new approach

While most thorium advocates have envisioned new reactors designed to run on this fuel, which would mean rebuilding the nuclear industry from the ground up, Shah and his team took a different approach. Clean Core created a new type of fuel that blends thorium with a more concentrated type of uranium called HALEU (high-assay low-enriched uranium). This blended fuel can be used in India’s pressurized heavy-water reactors, which make up the bulk of the country’s existing fleet and many of the new units under development now. 

Thorium isn’t a fissile material itself, meaning its atoms aren’t inherently unstable enough for an extra neutron to easily split the nuclei and release energy. But the metal has what’s known as “fertile properties,” meaning it can absorb neutrons and transform into the fissile material uranium-233. Uranium-233 produces fewer long-lived radioactive isotopes than the uranium-235 that makes up the fissionable part of traditional fuel pellets. Most commercial reactors run on low-enriched uranium, which is about 5% U-235. When the fuel is spent, roughly 95% of the energy potential is left in the metal. And what remains is a highly toxic cocktail of long-lived radioactive isotopes such as cesium-137 and plutonium-239, which keep the waste dangerous for tens of thousands of years. Another concern is that the plutonium could be extracted for use in weapons. 

Enriched up to 20%, HALEU allows reactors to extract more of the available energy and thus reduce the volume of waste. Clean Core’s fuel goes further: The HALEU provides the initial spark to ignite fertile thorium and triggers a reaction that can burn much hotter and utilize the vast majority of the material in the core, as a study published last year in the journal Nuclear Engineering and Design showed.

“Thorium provides attributes needed to achieve higher burnups,” says Koroush Shirvan, an MIT professor of nuclear science and engineering who helped design Clean Core’s fuel assemblies. “It is enabling technology to go to higher burnups, which reduces your spent fuel volume, increases your fuel efficiency, and reduces the amount of uranium that you need.” 

Compared with traditional uranium fuel, Clean Core says, its fuel reduces waste by more than 85% while avoiding the most problematic isotopes produced during fission. “The result is a safer, more sustainable cycle that reframes nuclear power not as a source of millennia-long liabilities but as a pathway to cleaner energy and a viable future fuel supply,” says Milan Shah, Clean Core’s chief operating officer and Mehul’s son.

Pressurized heavy-water reactors are particularly well suited to thorium because heavy water—a version of H2O that has an extra neutron on the hydrogen atom—absorbs fewer neutrons during the fission process, increasing efficiency by allowing more neutrons to be captured by the thorium.

There are 46 so-called PHWRs operating worldwide: 17 in Canada, 19 in India, three each in Argentina and South Korea, and two each in China and Romania, according to data from the International Atomic Energy Agency. In 1954, India set out a three-stage development plan for nuclear power that involved eventually phasing thorium into the fuel cycle for its fleet. 

Yet in the 56 years since India built its first commercial nuclear plant, its state-controlled industry has remained relatively shut off to the private sector and the rest of the world. When the US signed the 123 Agreement with India in 2008, the moment heralded an era in which the subcontinent could become a testing ground for new American reactor designs. 

In 2010, however, India passed the Civil Liability for Nuclear Damage Act. The legislation was based on what lawmakers saw as legal shortcomings in the wake of the 1984 Bhopal chemical factory disaster, when a subsidiary of the American industrial giant Dow Chemical avoided major payouts to the victims of a catastrophe that killed thousands. Under this law, responsibility for an accident at an Indian nuclear plant would fall on suppliers. The statute effectively killed any exports to India, since few companies could shoulder that burden. Only Russia’s state-owned Rosatom charged ahead with exporting reactors to India.

But things are changing. In a joint statement issued after a February 2025 summit, Prime Minister Narendra Modi and President Donald Trump “announced their commitment to fully realise the US-India 123 Civil Nuclear Agreement by moving forward with plans to work together to build US-designed nuclear reactors in India through large scale localisation and possible technology transfer.” 

In March 2025, US federal officials gave the nuclear developer Holtec International an export license to sell Indian companies its as-yet-unbuilt small modular reactors, which are based on the light-water reactor design used in the US. In April, the Indian government suggested it would reform the nuclear liability law to relax rules on foreign companies in hopes of drawing more overseas developers. Last month, a top minister confirmed that the Modi administration would overhaul the law. 

“For India, the thing they need to do is get another international vendor in the marketplace,” says Chris Gadomski, the chief nuclear analyst at the consultancy BloombergNEF.

Path of least resistance

But Shah sees larger potential for Clean Core. Unlike Holtec, whose export license was endorsed by the two Mumbai-based industrial giants Larsen & Toubro and Tata Consulting Engineers, Clean Core had its permit approved by two of India’s atomic regulators and its main state-owned nuclear company. By focusing on fuel rather than new reactors, Clean Core could become a vendor to the majority of the existing plants already operating in India. 

Its technology diverges not only from that of other US nuclear companies but also from the approach used in China. Last year, China made waves by bringing its first thorium-fueled reactor online. This enabled it to establish a new foothold in a technology the US had invented and then abandoned, and it gave Beijing another leg up in atomic energy.

But scaling that technology will require building out a whole new kind of reactor. That comes at a cost. A recent Johns Hopkins University study found that China’s success in building nuclear reactors stemmed in large part from standardization and repetition of successful designs, virtually all of which have been light-water reactors. Using thorium in existing heavy-water reactors lowers the bar for popularizing the fuel, according to the younger Shah. 

“We think ours is the path of least resistance,” Milan Shah says. “Maybe not being completely revolutionary in the way you look at nuclear today, but incredibly evolutionary to progress humanity forward.” 

The company has plans to go beyond pressurized heavy-water reactors. Within two years, the elder Shah says, Clean Core plans to design a version of its fuel that could work in the light-water reactors that make up the entire US fleet of 94. But it’s not a simple conversion. For starters, there’s the size: While the PHWR fuel rods are about 50 centimeters in length, the rods that go into light-water reactors are roughly four meters long. Then there’s the history of challenges with light water’s absorption of neutrons that could otherwise be captured to induce fission in the thorium. 

For Anil Kakodkar, the former chairman of India’s Atomic Energy Commission and a mentor to Shah, popularizing thorium could help rectify one of the darker chapters in his country’s nuclear development. In 1974, India became the first country since the signing of the first global Treaty on the Non-Proliferation of Nuclear Weapons to successfully test an atomic weapon. New Delhi was never a signatory to the pact. But the milestone prompted neighboring Pakistan to develop its own weapons. 

In response, President Jimmy Carter tried to demonstrate Washington’s commitment to reversing the Cold War arms race by sacrificing the first US effort to commercialize nuclear waste recycling, since the technology to separate plutonium and other radioisotopes from uranium in spent fuel was widely seen as a potential new source of weapons-grade material. By running its own reactors on thorium, Kakodkar says, India can chart a new path for newcomer nations that want to harness the power of the atom without stoking fears that nuclear weapons capability will spread. 

“The proliferation concerns will be dismissed to a significant extent, allowing more rapid growth of nuclear power in emerging countries,” he says. “That will be a good thing for the world at large.” 

Alexander C. Kaufman is a reporter who has covered energy, climate change, pollution, business, and geopolitics for more than a decade. 

The Download: humans in space, and India’s thorium ambitions

This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology.

The case against humans in space

Elon Musk and Jeff Bezos are bitter rivals in the commercial space race, but they agree on one thing: Settling space is an existential imperative. Space is the place. The final frontier. It is our human destiny to transcend our home world and expand our civilization to extraterrestrial vistas.

This belief has been mainstream for decades, but its rise has been positively meteoric in this new gilded age of astropreneurs.

But as visions of giant orbital stations and Martian cities dance in our heads, a case against human space colonization has found its footing in a number of recent books, from doubts about the practical feasibility of off-Earth communities, to realism about the harsh environment of space and the enormous tax it would exact on the human body. Read the full story.

—Becky Ferreira

This story is from our new print edition, which is all about the future of security. Subscribe here to catch future copies when they land.

This American nuclear company could help India’s thorium dream

For just the second time in nearly two decades, the United States has granted an export license to an American company planning to sell nuclear technology to India, MIT Technology Review has learned. 

The decision to greenlight Clean Core Thorium Energy’s license is a major step toward closer cooperation between the two countries on atomic energy and marks a milestone in the development of thorium as an alternative to uranium for fueling nuclear reactors. Read more about why it’s such a big deal.

—Alexander C. Kaufman

RFK Jr’s plan to improve America’s diet is missing the point

A lot of Americans don’t eat well. And they’re paying for it with their health. A diet high in sugar, sodium, and saturated fat can increase the risk of problems like diabetes, heart disease, and kidney disease, to name a few. And those are among the leading causes of death in the US.

This is hardly news. But this week Robert F Kennedy Jr., who heads the US Department of Health and Human Services, floated a new solution to the problem: teaching medical students more about the role of nutrition in health could help turn things around.

It certainly sounds like a good idea. If more Americans ate a healthier diet, we could expect to see a decrease in those diseases. 

But this framing of America’s health crisis is overly simplistic, especially given that plenty of the administration’s other actions have directly undermined health in multiple ways—including by canceling a vital nutrition education program. And at any rate, there are other, more effective ways to tackle the chronic-disease crisis. Read the full story.

—Jessica Hamzelou

This article first appeared in The Checkup, MIT Technology Review’s weekly biotech newsletter. To receive it in your inbox every Thursday, and read articles like this first, sign up here.

The must-reads

I’ve combed the internet to find you today’s most fun/important/scary/fascinating stories about technology.

1 RFK Jr’s deputy has been chosen to be the new acting head of the CDC
Jim O’Neill is likely to greenlight his boss’s federal vaccine policy plans. (WP $)
+ The future of the department looks decidedly precarious. (The Atlantic $)
+ Everything you need to know about Jim O’Neill, the longevity enthusiast who is now RFK Jr.’s right-hand man. (MIT Technology Review)

2 A man killed his mother and himself after conversing with ChatGPT
The chatbot encouraged Stein-Erik Soelberg’s paranoia while repeatedly assuring him he was sane. (WSJ $)
+ An AI chatbot told a user how to kill himself—but the company doesn’t want to “censor” it. (MIT Technology Review)

3 China is cracking down on excess competition in its AI sector
The country is hellbent on avoiding wasteful investment. (Bloomberg $)
+ China is laser-focused on engineering, not so much on litigating. (Wired $)
+ China built hundreds of AI data centers to catch the AI boom. Now many stand unused. (MIT Technology Review)

4 The EU should be prepared to walk away from a US trade deal
Its competition commissioner worries Trump may act on his threats to target the bloc. (FT $)
+ The French President had a similar warning for his ministers. (Politico)

5 xAI has released a new Grok agentic coding model
At a significantly lower price than its rivals. (Reuters)
+ This no-code website builder has been valued at $2 billion. (TechCrunch)
+ The second wave of AI coding is here. (MIT Technology Review)

6 A US mail change has thrown online businesses into turmoil
All package deliveries are due to face duties from this week. (Insider $)

7 A former DOGE official is running America’s biggest MDMA company
And Antonio Gracias is not the only member of the department with ties to the psychedelics industry. (The Guardian)
+ Other DOGE workers are joining Trump’s new National Design Studio. (Wired $)
+ The FDA said no to the use of MDMA as a therapy last year. (MIT Technology Review)

8 How chatbots fake having personalities
They have no persistent self—despite what they may tell you. (Ars Technica)
+ What is AI? (MIT Technology Review)

9 The future of podcasting is murky
Hundreds of shows have folded. The medium is in desperate need of an archive. (NY Mag $)
+ The race to save our online lives from a digital dark age. (MIT Technology Review)

10 Do we even know what we want to watch anymore?
We’re so reliant on algorithms, it’s hard to know. (New Yorker $)

Quote of the day

“We’re scared for ourselves and for the country.” 

—An anonymous CDC worker tells the New York Times about the mood inside the agency following the firing of their new director Susan Monarez.

One more thing

How a tiny Pacific Island became the global capital of cybercrime

Tokelau, a string of three isolated atolls strung out across the Pacific, is so remote that it was the last place on Earth to be connected to the telephone—only in 1997. Just three years later, the islands received a fax with an unlikely business proposal that would change everything.

It was from an early internet entrepreneur from Amsterdam, named Joost Zuurbier. He wanted to manage Tokelau’s country-code top-level domain, or ccTLD—the short string of characters that is tacked onto the end of a URL—in exchange for money.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country’s: a staggering 25 million—but the vast majority were spammers, phishers, and cybercriminals.

Now the territory is desperately trying to clean up .tk. Its international standing, and even its sovereignty, may depend on it. Read the full story.
 
—Jacob Judah

We can still have nice things

A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet ’em at me.)

+ Scientists are using yeast to help save the bees.
+ How to become super productive 😌
+ Why North American mammoths were genetic freaks of nature.
+ I love Seal’s steadfast refusal to explain his lyrics to Kiss from a Rose.

+ This no-code website builder has been valued at $2 billion. (TechCrunch)
+ The second wave of AI coding is here. (MIT Technology Review)

6 A US mail change has thrown online businesses into turmoil
All package deliveries are due to face duties from this week. (Insider $)

7 A former DOGE official is running America’s biggest MDMA company
And Antonio Gracias is not the only member of the department with ties to the psychedelics industry. (The Guardian)
+ Other DOGE workers are joining Trump’s new National Design Studio. (Wired $)
+ The FDA said no to the use of MDMA as a therapy last year. (MIT Technology Review)

8 How chatbots fake having personalities
They have no persistent self—despite what they may tell you. (Ars Technica)
+ What is AI? (MIT Technology Review)

9 The future of podcasting is murky
Hundreds of shows have folded. The medium is in desperate need of an archive. (NY Mag $)
+ The race to save our online lives from a digital dark age. (MIT Technology Review)

10 Do we even know what we want to watch anymore?
We’re so reliant on algorithms, it’s hard to know. (New Yorker $)

Quote of the day

“We’re scared for ourselves and for the country.” 

—An anonymous CDC worker tells the New York Times about the mood inside the agency following the firing of their new director Susan Monarez.

One more thing

How a tiny Pacific Island became the global capital of cybercrime

Tokelau, a string of three isolated atolls strung out across the Pacific, is so remote that it was the last place on Earth to be connected to the telephone—only in 1997. Just three years later, the islands received a fax with an unlikely business proposal that would change everything.

It was from an early internet entrepreneur from Amsterdam, named Joost Zuurbier. He wanted to manage Tokelau’s country-code top-level domain, or ccTLD—the short string of characters that is tacked onto the end of a URL—in exchange for money.

In the succeeding years, tiny Tokelau became an unlikely internet giant—but not in the way it may have hoped. Until recently, its .tk domain had more users than any other country’s: a staggering 25 million—but the vast majority were spammers, phishers, and cybercriminals.

Now the territory is desperately trying to clean up .tk. Its international standing, and even its sovereignty, may depend on it. Read the full story.
 
—Jacob Judah

We can still have nice things

A place for comfort, fun and distraction to brighten up your day. (Got any ideas? Drop me a line or skeet ’em at me.)

+ Scientists are using yeast to help save the bees.
+ How to become super productive 😌
+ Why North American mammoths were genetic freaks of nature.
+ I love Seal’s steadfast refusal to explain his lyrics to Kiss from a Rose.

Smarter Paths to Global Sales

On-again, off-again tariffs have not lessened the opportunities for cross-border expansion. Global consumers still seek quality goods from trusted merchants.

Yet success in international selling requires careful attention to fulfillment, customs, duties, and more. That’s the role of Passport, the provider of cross-border logistics, localization, and support for ecommerce sellers.

I recently spoke with Alex Yancher, Passport’s founder and CEO, on tactics for profitable global ecommerce sales. The transcript is edited for clarity and length.

Eric Bandholz: Who are you and what do you do?

Alex Yancher: I’m the founder and CEO of Passport. We help brands expand globally through two primary models.

The first is cross-border. We integrate with a brand directly or its third-party logistics provider to internationalize the site and ship products from the U.S. to worldwide destinations. What sets us apart is our own U.S. warehouses in Los Angeles, Chicago, and New Jersey, where we consolidate shipments before sending them abroad.

The second model, designed for larger brands, enables in-country operations. We help companies set up legally, fiscally, and operationally in markets such as Canada, the U.K., the E.U., Australia, Mexico, and even the U.S. Interestingly, one of our fastest-growing services is helping international brands establish operations in America.

We’re known in the industry as a parcel consolidator, competing with firms such as DHL eCommerce. We partner with about 180 3PLs, including ShipBob and ShipMonk. While smaller brands may ship only a few international orders per week, our consolidation model enables us to pool volume from many merchants. For some clients, we run daily full-truckload pickups during peak drops; for others, weekly less-than-truckload shipments are enough. This flexibility makes international fulfillment economical for brands of all sizes.

Bandholz: When should a company outsource international fulfillment?

Yancher: Many small brands start with USPS. It’s easy to use and integrates with tools such as ShipStation. However, USPS shipments are expensive and are usually delivered duty-unpaid. That means when a package arrives in Canada, for example, customers pick it up at the post office and pay taxes before possessing it. It’s a poor experience.

UPS and FedEx are alternatives, but they’re costly and often overkill. Transit times are fast, but most brands, especially subscription businesses, don’t need two-day delivery. That’s where consolidators such as Passport make sense. We not only reduce shipping costs but also enable a delivered-duty-paid model. Duties and taxes are calculated and paid at checkout, so the package clears customs seamlessly.

We typically require at least 10 pounds of daily shipments. That could mean one heavy item, such as a stroller, or dozens of smaller items, like phone cases. If a merchant ships only a few lightweight packages a day, we might offer only weekly pickups, which slows transit. To ensure speed and consistency, we work best with brands that regularly hit the 10-pound threshold.

Bandholz: What are Passport’s fees versus USPS or FedEx?

Yancher: At decent shipping volumes, we shouldn’t cost more than $10 per package — and with higher volume, even less. Compared to FedEx, we’re often $10-$15 cheaper.

The real savings come from prepaying duties. When consumers pay duties upon delivery, local postal services charge additional clearance fees to handle the process, such as sending notices, holding packages, and verifying IDs. In Canada, for example, it costs approximately $9 Canadian. Often, that’s more than the duties themselves, effectively doubling or tripling costs.

Beyond the fees, again, it’s a terrible customer experience. Recipients must rearrange their schedules to pick up the package and pay, which creates frustration and damages brand loyalty.

When I started Passport over eight years ago, most brands shipped Delivered Duty Unpaid, typically via USPS. Back then, about 70%-80% of international ecommerce orders were shipped that way. Today, it’s completely flipped — roughly 80% of orders now ship Delivered Duty Paid, with duties prepaid at checkout.

Bandholz: How do brands present duties and currency fluctuations at checkout?

Yancher: In many countries, such as the U.K., consumers expect the checkout total to include VAT, not listed as a separate line. Seeing duties or VAT listed separately feels foreign, lowers trust, and hurts conversion rates. Instead, brands should incorporate taxes and duties into the final price to present a single, straightforward number.

Another factor is price aesthetics. Customers respond better to clean numbers, such as $99 or €45, rather than, say, $43.72. Many brands lock in local prices to maintain that aesthetic, adjusting only when exchange rates shift significantly. For example, a product priced at €40 may increase to €45 if the currency moves strongly against the merchant.

This approach balances consistency, customer perception, and margin protection. In practice, exchange rates in key markets such as Canada, the U.K., and Australia don’t swing drastically day to day. They may move 7%-8% over 18 months, but rarely shift more than fractions of a percent daily. Rounding strategies and baked-in duties usually work well without requiring daily adjustments.

Bandholz: How does a brand selling cross-border know when to fulfill locally?

Yancher: We recommend in-country expansion once a brand reaches around $2 million in annual sales in a given market. At that level, the benefits outweigh the costs. For example, cross-border shipments from the U.S. to the U.K. typically take five to six business days and incur higher fees. With local fulfillment, shipping times drop to two days or less, and last-mile costs decrease by a few dollars per package. The value proposition improves dramatically.

There are also duty savings. If a $200 sweater ships from the U.S. to Canada, the customer might pay 15% duties, about $30. However, if the same sweater is imported directly into Canada, duties are applied to the cost of goods sold, which may be $20, reducing the tariffs to just $3. That difference can make pricing far more competitive and conversion rates stronger.

Returns are easier with local fulfillment as well. The challenge, however, is compliance. Once you warehouse inventory locally, you must meet that country’s regulatory and labeling requirements. That can be complex, but Passport helps brands navigate testing, compliance, and paperwork. We also serve as the importer of record, utilizing our local business registrations to shield brands from regulatory risk and expedite market entry.

Additionally, we connect brands with trusted fulfillment providers and offer affordable freight options. The goal is to make international expansion as turnkey and low-risk as possible, enabling brands to scale confidently once they hit that $2 million threshold.

Bandholz: Where can people follow you, support you, or buy your services?

Yancher: Our site is PassportGlobal.com. I’m on X and LinkedIn.

TablePress WordPress Plugin Vulnerability Affects 700,000+ Sites via @sejournal, @martinibuster

A vulnerability in the TablePress WordPress plugin enables attackers to inject malicious scripts that run when someone visits a compromised page. It affects all versions up to and including version 3.2.

TablePress WordPress plugin

The TablePress plugin is used on more than 700,000 websites. It enables users to create and manage tables with interactive features like sorting, pagination, and search.

What Caused The Vulnerability

The problem came from missing input sanitization and output escaping in how the plugin handled the shortcode_debug parameter. These are basic security steps that protect sites from harmful input and unsafe output.

The Wordfence advisory explains:

“The TablePress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘shortcode_debug’ parameter in all versions up to, and including, 3.2 due to insufficient input sanitization and output escaping.”

Input Sanitization

Input sanitization filters what users type into forms or fields. It blocks harmful input, like malicious scripts. TablePress didn’t fully apply this security step.

Output Escaping

Output escaping is similar, but it works in the opposite direction, filtering what gets output onto the website. Output escaping prevents the website from publishing characters that can be interpreted by browsers as code.

That’s exactly what can happen with TablePress: insufficient input sanitization enables an attacker to upload a script, and insufficient output escaping fails to stop the website from publishing that script on the live site. Together, those gaps enable stored cross-site scripting (XSS) attacks.

Because both protections were missing, someone with Contributor-level access or higher could upload a script that gets stored and runs whenever the page is visited. The fact that Contributor-level authorization is necessary mitigates the potential for an attack to a certain extent.

Plugin users are advised to update the plugin to version 3.2.1 or higher.


WordPress Ocean Extra Vulnerability Affects Up To 600,000 Sites via @sejournal, @martinibuster

An advisory was issued for the Ocean Extra WordPress plugin that is susceptible to stored cross-site scripting, which enables attackers to upload malicious scripts that execute on the site when a user visits the affected website.

Ocean Extra WordPress Plugin

The vulnerability affects only the Ocean Extra plugin by oceanwp, a plugin that extends the popular OceanWP WordPress theme. The plugin adds extra features to the OceanWP theme, such as the ability to easily host fonts locally, additional widgets, and expanded navigation menu options.

According to the Wordfence advisory, the vulnerability is due to insufficient input sanitization and output escaping.

Input Sanitization

Input sanitization is the term used to describe the process of filtering what’s input into WordPress, like in a form or any field where a user can input something. The goal is to filter out unexpected kinds of input, like malicious scripts, for example. This is something that the plugin is said to be missing (insufficient).

Output Escaping

Output escaping is kind of like input sanitization but in the other direction, a security process that makes sure that whatever is being output from WordPress is safe. It checks that the output doesn’t have characters that can be interpreted by a browser as code and subsequently executed, such as what is found in a stored cross-site scripting (XSS) exploit. This is the other thing that the Ocean Extra plugin was missing.

Together, the insufficient input sanitization and insufficient output escaping enable attackers to upload a malicious script and have it output on the WordPress site.
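The two controls described in this advisory and in the TablePress advisory above, shown side by side as an added example (not code from either plugin or from Wordfence): a hypothetical shortcode handler in plain PHP, where the `debug_note` attribute, the function names and the stored value are all constructed for illustration. In WordPress itself, `sanitize_text_field()` and `esc_attr()`/`esc_html()` play the roles of the stand-ins used here.

```php
<?php
// Added illustration: a hypothetical shortcode handler in plain PHP.
// Not TablePress or Ocean Extra code; names and values are constructed.

// Shortcode attributes as a Contributor-level user could save them in a post.
// The debug_note value is a constructed test string, stored as-is.
$stored_atts = [
    'id'         => '7',
    'debug_note' => '"><script>alert(1)</script>',
];

// Input sanitization: reduce each attribute to the shape the handler expects.
// (Stand-in for WordPress helpers such as absint() and sanitize_text_field().)
function sanitize_atts(array $atts): array
{
    $note = strip_tags((string) ($atts['debug_note'] ?? ''));
    $note = (string) preg_replace('/[\x00-\x1F\x7F]/', '', $note); // drop control characters
    return [
        'id'         => (string) abs((int) ($atts['id'] ?? 0)),
        'debug_note' => substr(trim($note), 0, 80),
    ];
}

// Output escaping: encode for the HTML context the value is written into.
// (Stand-in for esc_attr() / esc_html().)
function esc(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// 1. Neither control: stored markup reaches the browser unchanged.
function render_unsafe(array $atts): string
{
    return '<div class="demo-table" data-note="' . $atts['debug_note'] . '">'
        . 'Table ' . $atts['id'] . '</div>';
}

// 2. Sanitization only: tags are gone, but the double quote that strip_tags()
//    leaves in place still ends the data-note attribute early.
function render_sanitized_only(array $atts): string
{
    $clean = sanitize_atts($atts);
    return '<div class="demo-table" data-note="' . $clean['debug_note'] . '">'
        . 'Table ' . $clean['id'] . '</div>';
}

// 3. Both controls: sanitize on the way in, escape at the point of output.
function render_hardened(array $atts): string
{
    $clean = sanitize_atts($atts);
    return '<div class="demo-table" data-note="' . esc($clean['debug_note']) . '">'
        . 'Table ' . esc($clean['id']) . '</div>';
}

// Reviewer's check: the rendered element is intact only if the data-note value
// contains no raw quote or angle bracket and the tag closes right after it.
function note_breaks_out(string $html): bool
{
    return preg_match('/data-note="[^"<>]*">Table \d+<\/div>$/', $html) !== 1;
}

foreach (['render_unsafe', 'render_sanitized_only', 'render_hardened'] as $fn) {
    $html = $fn($stored_atts);
    printf("%-22s breaks out: %-3s %s\n", $fn, note_breaks_out($html) ? 'yes' : 'no', $html);
}
```

The middle case is the reason both advisories name the two controls together: filtering on input narrows what is stored, but only escaping for the output context guarantees the stored value is treated as text.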

Users Urged To Update Plugin

The vulnerability can be exploited only by authenticated users with contributor-level privileges or higher, which mitigates the threat level of this specific exploit to a certain extent. This vulnerability affects versions up to and including version 2.4.9. Users are advised to update their plugin to the latest version, currently 2.5.0.


Google: AI Max For Search Has No Conversion Minimums via @sejournal, @MattGSouthern

Google states that AI Max for Search can run in low-volume accounts, confirming there’s no minimum conversion recommendation.

However, you must use a conversion-based Smart Bidding strategy for search-term matching to work.

The clarification was provided during Google’s Ads Decoded podcast, where product managers discussed recent launches.

What Google Said

In the “Ads Decoded” podcast episode, Ginny Marvin, Google’s Ads Product Liaison, addressed whether low-volume accounts can use AI Max.

Marvin stated:

“In earlier testing, we’ve seen that AI Max can be effective for accounts of varied sizes… And there’s no minimum conversion recommendation to enable AI Max, but keep in mind that you do need to use a conversion-based smart bidding strategy in order for search term matching to work.”

This smart bidding requirement ensures the system has signals to work with, even if conversion volume is low.


Where Smaller Accounts May See Gains

Google says advertisers “mostly using exact and phrase match keywords tend to see the highest uplift in conversions and conversion value” after enabling AI Max.

Keywordless matching can help smaller advertisers find opportunities without extensive research. AI Max identifies relevant search terms based on landing page content and existing ads.

For local campaigns, advertisers can use simple keywords instead of creating separate ones for each location. AI Max handles the geographic matching.

How AI Max Works In Search

AI Max pulls from more than just landing pages. It also uses ad assets and ad-group keywords to expand coverage and tailor RSA copy.

For English content, it’s capable of generating ad variations within brand guardrails.

Product manager Karen Zang described AI Max as an enhancer to existing work:

“I would view AI Max as an amplifier on the work that you’ve already put in… we’re just leveraging that to customize your ads.”

Product manager Tal Kabas framed AI Max as bringing Performance Max-level technology into Search:

“If you’re using all the best practices with AI Max… then it is PMax technology for Search. We wanted to basically bring that value to advertisers wherever they want to buy.”

Implementation Considerations

Small advertisers considering AI Max should take these preparation steps into account.

First, ensure landing pages are current, as the AI uses them to generate ad variations. Poor or outdated landing page content can negatively impact the output, regardless of account size.

Second, use conversion tracking even if volume is low. While there are no minimums, having any conversion data helps. Smart bidding strategies, such as Target CPA or Target ROAS, must be in place for full functionality.

Third, start with campaigns that use exact and phrase match keywords, as Google’s data shows they benefit the most from AI Max.

Looking Ahead

AI Max is accessible to advertisers of all sizes.

The one-click implementation allows you to test AI Max without restructuring your campaigns. If results don’t meet your expectations, the feature can be disabled.

Google indicated this is the first phase of AI Max development, with more features planned.

How much does it cost to build a website?


Thinking about building a website? Whether you are a small business owner, a freelancer, or launching a side project, one of the first questions you will want answered is: how much does it cost to build a website? This is not just about curiosity. Understanding your website costs early on can help you budget effectively and avoid any unpleasant surprises.

The truth is that the answer is rarely simple. Ask ten business owners about their website building costs and you will probably get ten completely different answers. That is because website costs can range from almost nothing to tens of thousands of euros. The variation comes down to what you need your website to do. A small brochure site with a few pages can be built on a modest budget, whereas an ecommerce store with thousands of products and secure payment facilities will always cost more. The good news is that once you understand where the costs lie, you can make better decisions. And while Yoast SEO will not directly reduce your build costs, it will help you avoid expensive SEO mistakes, improve site performance, and keep your long-term marketing budget under control.

What are you actually paying for when building a website?

Design and user experience: This sets the tone for how visitors feel about your site. Good design is more than colors and fonts, it is about navigation, site structure, and encouraging visitors to stay and explore. Read more about user experience

Development: Turns your designs into a working website. A simple build will cost less, but advanced features or integrations push the price up. 

Domain and hosting: These two are essential and unavoidable. Your domain name generally costs between €10 and €50 per year and hosting keeps your site live. Shared hosting is cheapest, but dedicated hosting provides better performance and enhanced security. As a recommendation, Bluehost is a great choice for both domain registration and hosting. On top of that, it also works extremely well with WordPress. 

Read more: Yoast SEO

Content: A blank page isn’t going to keep visitors on your site for very long, so you’re going to need to have something to show them. You can of course do your own content, but professional content creators can be useful in getting more conversions. 

Read more: writing great website copy.

SEO: This ensures your site gets found. You can do it yourself, but Yoast SEO helps simplify the process and can reduce costs by guiding you on how to optimize pages as you write. 

Read more: how to use the Yoast SEO plugin.

Here’s a chart to explain the above in a quick-check guide: 

| Area | Description |
| --- | --- |
| Design | Custom visuals, layout, user interface (UI), mobile responsiveness |
| User experience (UX) | Navigation logic, site structure, call-to-action placement |
| Development | Code, content management system (CMS), plug-ins or features |
| Domain and hosting | Your website’s address and where it lives online |
| Content and SEO | Written pages, blog posts, metadata, and optimizations |
| Ongoing maintenance | Plugin updates, security, backups, fixes |

Upfront costs:

Of course, none of this comes for free, unless there are some things you can do yourself like copywriting or photography. This will still cost you in terms of time though, so it may be worth considering hiring a professional if there are other areas of your business that you would rather focus on. With that in mind, let’s take a quick look at some upfront costs that you will only have to pay for once at the very start.

| Type of cost | Low estimate | High estimate |
| --- | --- | --- |
| Domain name | €10/year | €50/year |
| Design & UX | €0 (DIY template) | €10,000+ |
| Development (CMS setup, features, integrations) | €0 (DIY) | €40,000+ |
| Initial content (copywriting, images, product setup) | €200 | €5,000+ |

Ongoing and variable costs:

Obviously, once your website is up and running, that’s not the end of the story. You are presumably here for the long-term and that means there are going to be recurring costs. These cover things like hosting, so your site can stay live, maintenance, to keep everything secure and updated, and you’ll need to continually post new content to engage with your site’s visitors.

Ongoing costs (billed monthly or yearly):

| Type of cost | Low estimate | High estimate |
| --- | --- | --- |
| Hosting | €50/year | €300+/year |
| Maintenance & security (updates, backups, SSL, fixes) | €100/month | €500+/month |
| Ongoing content & SEO | €200/year | €5,000+/year |

Variable costs:

Most people spend their time focusing on the look and feel of their site and while that is important, it’s not the only thing to consider. It’s understandable that things like legal technicalities and CDNs are not front-of-mind when you’re excited about growing your business but it is necessary. That means you’ll need to complete these, often overlooked, tasks to make sure that you remain on track for growth and stay compliant.

| Type of cost | Low estimate | High estimate |
| --- | --- | --- |
| Marketing & ads | €100/month | €10,000+/month |
| Accessibility & legal compliance | €200 | €5,000+ |
| Scaling & performance upgrades (plugins, CDN, extra development work) | €100 | €10,000+ |

Website building options 

There are three main ways to build a site, and your choice here will have an impact on the final cost.  

1. DIY builders (like Wix or Squarespace)  

These platforms, as well as some others, will let you build a site from scratch without the need for any technical skills. They’re affordable, quick to set up and ideal for portfolio sites, hobby sites, or small businesses. If you are using these site builders for business, you might find them limiting when you need to scale or want more advanced SEO.   

2. WordPress + Yoast  

For most successful small and medium sized businesses, WordPress is an excellent solution as it’s flexible, scalable, and widely supported. What’s more, when you pair it with Yoast SEO for WooCommerce you can start publishing optimized content from day one, making your online store more visible instantly. This makes it more affordable in the long run as there’s no need for an agency, and you can add features as you grow rather than having to rebuild every time.  

3. Custom-built website via an agency 

For complex businesses like advanced ecommerce or security services, a custom-built site is their best option. It’s the most expensive option but gives you complete control, giving you everything you want without having to compromise on anything. However, you may find that tailored code and features will cost a lot more.     

Watch out for these hidden costs 

One common misconception is that the costs end when your site goes live. That’s just not true. In fact, some of the most expensive problems show up after launch. These can include:

Non-converting content: You can have the most beautiful website in the world but if it’s not pulling in paying customers, there’s a problem. Try investing in professional copywriting and SEO-friendly content that will ensure visitors take action.   

Dropped traffic: Starting off with bad SEO can really hamper your traffic. Without help, it’s easy to make errors that could take months to fix. This is very much a case of prevention is better than cure.  

Technical debt: Sites built on outdated technology or poorly coded templates may work at first but become costly to maintain or upgrade after a while.   

Accessibility cost: It’s important that you make sure your site caters to all, especially those who may have visual or audio impairments. 

Legal costs: There are certain legal requirements to take care of. These aren’t just there to protect the customer; they protect you too. So, don’t forget that you’ll need things like a cookie consent tool and a terms of service policy.

How Yoast saves you money (over time) 

Yoast isn’t about saving you money on upfront costs; what it does is prevent expensive mistakes. It will save you money over time though as you’ll benefit from reduced costs of ongoing SEO and content marketing. 

To get more specific though, Yoast’s real-time SEO guidance helps you write better, optimized content without needing to hire a writer. In addition, the Readability analysis and Internal linking suggestions are two features that help to reduce bounce rates by making your content perform better, which literally translates into more conversions. On top of this, adding structured data manually is time consuming and costly. Yoast automates much of this, giving you rich search results without developer costs. And if that’s not enough to whet your appetite, there are free and premium options.  

| Feature | How it saves you money |
| --- | --- |
| Real-time SEO guidance | Write better content, faster, without hiring an SEO expert |
| Readability analysis | Engaged readers means more conversions |
| Schema & structured data | Get results without coding knowledge |
| Internal linking suggestions | Boost traffic to key pages without external help |

Budgeting tips for small business owners 

By spending smart, you can get big results for less. Here are a few things to keep in mind: 

  1. Start with clarity, not complexity
    Fancy animations might look nice, but if they confuse your visitors, they’re not worth the price.
  2. Spend more on content than code
    Great content = better SEO = better ROI.
  3. Invest in tools that scale with you
    WordPress and Yoast both grow with your business.
  4. Plan for the long game
    Don’t treat launch as the finish line. Content updates and SEO tweaks are ongoing.

Read more: How to optimize your crawl budget

Ecommerce vs. general website: does it change the cost? 

Yes, dramatically. Ecommerce sites need: 

  • Payment gateways. 
  • Product listings. 
  • Inventory management. 
  • Legal disclaimers. 
  • Stronger performance and security. 

Expect to pay more, sometimes a lot more, for development, plugins, and maintenance. But again, tools like Yoast SEO help make your product pages more visible and your content more persuasive.   

Platforms like WooCommerce give you a practical and flexible way to run your online store without having to reinvent the wheel. But the real key to success is visibility. After all, if people can’t find you, they can’t buy from you. And this is what Yoast SEO for WooCommerce does best.

Read more: See how Yoast helps ecommerce sites

Final thoughts 

Ultimately, what matters most about your site is what it does for your business. With WordPress and Yoast, you can create a professional site that looks great, enhances your online visibility, and grows with your business, without breaking the bank. One of the best things you can do to really set the wheels in motion now, though, is to go to the WordPress for beginners training course and learn how to put yourself and your company first.

Good SEO isn’t a luxury; it’s a smart investment, so start today. Good luck!

From Plugins To Performance: What CMOs Need To Ask About Their WordPress Stack via @sejournal, @alexmoss

WordPress is still the most popular open-source content management system (CMS) – by far – powering 43.5% of all websites on the web, and still, in my opinion, the most adaptable CMS to work with.

However, WordPress isn’t just a plug-and-play CMS. If you’re in the marketing team or the CMO, you may find yourself inheriting and using a WordPress site that will most likely have a less-than-ideal stack setup.

Don’t accept that this is just the setup you have. If your tech stack isn’t aligned correctly, it could directly hinder some of your own goals.

While it may seem that you should delegate all technical decisions to the development/IT team, these decisions may overrule wider business goals.

As such, it may be time to audit your installation and setup in order to break free of these stack limitations.

If you’re a CMO, this post will cover the different considerations when thinking of the optimal WordPress tech stack that also aligns with your own goals.

What A Tech Stack Includes

From a top-level, the WordPress tech stack involves the following:

  • Server infrastructure.
  • Hosting infrastructure.
  • Performance & caching.
  • Security.
  • Dev tools.
  • WordPress layer.
  • Monitoring and analytics.
  • Backup and recovery.

This can be seen in more detail in this diagram:

[Figure: WordPress Tech Stack, containing all considerations. Image created by author, August 2025]

There’s a lot to consider. With that, let’s delve into what you, as a CMO, should be asking yourself and others to ensure this stack is at its best.

The Invisible Cost Of Cheap Hosting

Shared hosting might seem cost-effective, but in my experience, it’s often the most expensive choice in the long term.

When your site shares resources with hundreds of others, performance becomes unpredictable. This can affect many things: general speed and performance, how search engines and large language models (LLMs) crawl/discover your site, and how a human may experience the site itself.

Dedicated servers or managed WordPress hosting may be a larger investment, but in turn they reduce technical overheads while providing the infrastructure needed for growth and scale.

For the level up from this, WordPress-based Cloud hosting is the most robust solution, but would require more technical expertise to manage.

What CMOs Should Ask:

  • Are we on shared hosting or dedicated infrastructure? If the former, why?
  • Are all server resources, such as PHP, up to date?
  • What happens to site performance during traffic spikes?
  • Who is responsible for server-level maintenance, optimizations, and security?
  • For potential traffic spikes, are there solutions and safeguards in place, such as load balancers?
  • Can we grow and scale with our current solution?

Performance: The Business Metric Disguised As A Tech Metric

Developers and technical SEOs alike will obsess over PageSpeed/Lighthouse scores, but things such as Core Web Vitals aren’t just technical benchmarks but also conversion metrics in disguise.

A one-second delay in mobile load times can impact mobile conversions by up to 20%. If Largest Contentful Paint (LCP) exceeds 2.5 seconds, then your next sale is at high risk before there’s a chance to convert the visitor.

Performance optimization in WordPress isn’t straightforward when looking forensically. Many “solutions” can create new problems. Even well-intentioned optimizations and fixes over the longer term can cause conflicts or other knock-on effects. Over time, this becomes a “Frankenstein” site of many elements patched together in an attempt to keep it ‘alive’ that becomes expensive to unravel and can cause the site to be a “write-off”. This practice is more common than you think.

What CMOs Should Ask:

  • How does our site perform on PageSpeed Insights, GTmetrix, and YSlow? What can be improved? How do we perform against competitors?
  • Is caching properly set up? Are we considering all levels (server, object, page, CDN, etc.)?
  • Do we have all minification tools set up correctly?
  • Is our database architecture the best it can be? How can this be improved?
  • What and how often is our database cleaned? Does this include revisions?
  • How are our images performing? Have they been optimized? Are we using more modern formats such as WebP?
  • Who owns the performance metric?

This isn’t about chasing perfect scores; it’s about ensuring your technical foundation supports rather than potentially sabotaging your marketing objectives.

Deciding On A Theme Should Be Long-Term

There are thousands of WordPress themes out there.

In a perfect scenario, the theme itself would be custom-built, incorporating WordPress’ own Gutenberg block editor, as it’s part of the core. As well as this, full site editing functionality makes this process even easier.

If your budget can’t stretch to custom-built theme development, it’s then extremely important to choose the right theme.

Ensure that you research the theme properly, making an informed choice that is performance-led to complement the stack, not convenience-led for editors.

But remember, your choice of theme is more long-term than installing a plugin you find you don’t need a month/year later. Because of this, themes should have a more considered and informed approach.

Bonus Consideration: Page Builders

Generally, the people who end up using WordPress on a day-to-day basis are not the same people who developed it or set it up.

Because of this, there can sometimes be clashes when it comes to what someone in your marketing team wants versus what should be implemented with technical best practice.

Page builders such as Elementor and Divi do offer a lot more freedom and flexibility for page creation and design, but come with the downside of potential code bloat and resource allocation.

Ensure that your decisions are not influenced too much by this request, because that is what it is, a request.

What CMOs Should Ask:

  • How does our current theme/builder choice impact site performance?
  • Is our current theme built for purpose? Is it a theme that caters to the masses, or is it developed specifically for me or my niche?
  • Are we locked into a specific page builder? What does the builder offer that Gutenberg and FSE don’t? What are the migration implications?
  • Are our choices striking a good balance between design flexibility and technical performance?
  • Do we have the development resources to support our chosen approach?
  • Are there conflicts between the page builder and other resources/assets?

Plugin-ception

“There’s a plugin for that.”

This is a phrase we’ve all heard or said before – myself included. There will be a plugin for that, yes – but it shouldn’t be the answer every time you want to extend functionality.

While I do have a select number of “core” plugins that I confidently choose to use on any site, this does not mean that I would install a plugin just because it solves one problem; that alone may not be enough to justify the technical debt the plugin will add.

Estimates suggest the average WordPress site runs 20-30 plugins, with many serving overlapping functions or creating conflicts.

Bonus: Some Plugins Require Attention Post-Installation

There are some plugins that have a simple “plug and play” approach. But whenever I install anything, I always delve further into its setup, configuration, and how this can impact the performance of a site.

One thing to know is that, in general, you should not approach any plugin with an “install and ignore” mindset.

Check the settings. Go through the first-time configuration (FTC). Audit the configuration.

Furthermore, plugins not only provide valuable under-the-hood optimizations and enhancements, but also present an opportunity for the site to evolve alongside your business and marketing activities.

Actively using these plugins means your stack continues to benefit from the latest features, innovations, and improvements.

What CMOs Should Ask:

  • How many plugins are currently active on our site?
  • When was our last plugin audit?
  • What plugins are we dependent on for our core business functions?
  • Have all plugins been configured correctly?
  • Are the plugins that require ongoing work being used?
  • Are there conflicts with other plugins?
  • Are there any incumbent plugins stopping the development of the site as a whole?
  • (More aggressive) What will happen to the wider business goals if [Plugin X] is no longer used?

The more plugins that are installed, the higher the risk of incompatibility, conflicts, and security vulnerabilities.

Security: Be Proactive, Not Reactive

One would think that security is always the top priority to ensure the safe operation of any website. Incorrect.

Breaches can devastate not just the site, but in turn, your brand reputation, while also incurring large immediate costs and most likely some loss of earnings in the future as a result.

While on the more extreme end of the scale, earlier this year, some hackers breached a number of large UK retailers, including Marks and Spencer, causing £300 million in lost profits, with no real measurement on how this has affected them since.

It doesn’t take long or cost much (in some cases, the solutions are free) to add some layers of security to your stack.

Whether it’s adding rules within Cloudflare or installing Sucuri or Wordfence, don’t just leave your site unprotected while you “sit tight and assess” – take proactive steps to secure your stack.

What CMOs Should Ask:

  • What security measures do we currently have for the site?
  • Are any and all vulnerabilities monitored?
  • Is everything up to date? This includes not just WordPress core, themes, and plugins, but also on a server level, such as PHP.

Maintenance: Forgotten Until Required

WordPress maintenance often gets treated as a technical afterthought, but I consider this to be a critical marketing function.

Outdated plugins not only create conflicts that have knock-on effects on both the frontend and backend of the site but also expose you to security vulnerabilities that I just covered above.

The choice between manual and automatic updates reflects deeper strategic priorities.

Manual updates provide more control but require dedicated resources and staging environments for testing prior to deployment. Automatic updates may reduce maintenance overhead, but there is always a risk of conflicts during critical business periods.

What CMOs Should Ask:

  • Who is responsible for WordPress core, plugin, and theme updates? Do they have all the required access in case of disaster scenarios?
  • Who is responsible for legal, compliance, and privacy on the site?
  • Is everything up to date? If not, is there a reason for this?
  • Do we have staging environments for testing changes before anything is deployed to a production environment?
  • What’s our rollback plan if an update breaks critical functionality?
  • How do we balance security needs with stability requirements?

“Frankenstein” Sites Only Get You So Far For So Long…

If you have a theme that is now years old, perhaps five or more, it’s likely that over time the theme (unless extremely well maintained) will eventually cause issues and conflicts, more so when you want to grow and scale.

Optimizing the site over time is obviously suggested, but after a prolonged amount of time, this becomes more challenging and less possible without conflicts arising.

What CMOs Should Ask:

  • When was the last time a theme was chosen?
  • When was it last audited? Is the theme still fit for purpose today?
  • Is a theme update causing conflicts with other resources and plugins?
  • Are there legacy plugins or other functionality that prevent essential updates to WordPress or PHP, forcing the site to remain on outdated versions (therefore limiting access to new features, improved security, or better performance)?
  • Are ad hoc maintenance costs and “patchwork” over two to three years costing more than a potential rebuild (i.e., Is it a “write-off”)?

Key Takeaways

Below is a high-priority checklist that you can act on now:

| Priority | Action Item | Stakeholder(s) |
| Critical | Audit the current hosting environment and audit invisible costs. | CMO, Tech Lead, Finance |
| Critical | Review plugin presence and usage: configuration, conflicts, necessity. | Tech, SEO, Product, Marketing |
| Critical | Implement and verify up-to-date security layers (e.g., Sucuri, WAF). | CTO, IT |
| High | Define clear responsibilities for updates, rollbacks, and compliance. | Product, Legal, Marketing |
| High | Schedule routine theme and plugin audits. | Dev/Project Manager |
| High | Set up or review staging/testing environments for changes. | Tech Lead/DevOps |
| Medium | Plan for a long-term theme or potential rebuild if “Frankenstein.” | CMO, CTO |
| Medium | Calculate ongoing maintenance costs vs possible site overhaul. | Finance, CMO, CTO |

Your WordPress stack should never be considered “set and forget.”

Don’t wait for something to break, because when it does, it will most likely cause more loss than any proactive investment made to prevent it.
