GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
Bleeping Computer

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and ...
GIGAZINE

The registrar has suspended the domain of the JavaScript library 'Polyfill.io' after it was discovered to be infected with malware.

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...
PC Magazine

Domain That Redirected Hulu, 491K+ Other Websites to Porn Gets Shut Down

Original Story 6/27: Security experts warn that a legacy JavaScript library known as Polyfill.io has been compromised. This domain is reportedly used by over 100,000 sites, including Disney-owned ...
Bleeping Computer

Polyfill claims it has been 'defamed', returns after domain shut down

The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 ...
Dark Reading

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...