If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately

June 25, 2024 at 07:58PM

The polyfill.io domain, previously used to add JavaScript polyfills to websites, has been found serving malicious code, infecting over 100,000 sites. Security firms warn website owners to remove any embedded code from the domain. Google is blocking affected websites’ ads, and affected site owners are being notified. The domain’s sale to a Chinese organization in February raised concerns.

Here are the key takeaways:

– The domain polyfill.io, previously used for providing JavaScript polyfills to websites, has been identified as serving malicious code, posing a significant cyber threat to over 100,000 websites.
– Security firms have flagged the issue and advised organizations to immediately remove from their websites any JavaScript loaded from the polyfill.io domain.
– Google has taken action by blocking Google Ads for websites using the impacted code to reduce potential exposure and protect users.
– The source of the threat has been traced back to Funnull, a Chinese CDN operator that acquired the polyfill.io domain and has since been using it in a supply chain attack.
– Andrew Betts, the creator of the open-source polyfill service project, has advised against using polyfill.io and urged website owners to remove its code following the change in ownership.
– Concerns about relying on the Chinese entity for maintaining and securing the underlying project prompted other CDN providers, such as Fastly and Cloudflare, to create mirrors of polyfill.io to mitigate the risk.

These takeaways highlight the urgency of addressing the security threat posed by the polyfill.io domain and the need for immediate action to safeguard affected websites and their users.
