GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
Ars Technica

384,000 sites pull code from sketchy code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript ...
GIGAZINE

The registrar has suspended the domain of the JavaScript library 'Polyfill.io' after it was discovered to be infected with malware.

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...
Bleeping Computer

Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has ...
Bleeping Computer

Latest Polyfill.io news

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a ...
TechSpot

Over 100,000 websites compromised after Polyfill.io gets exploited by Chinese company

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...