December 3, 2024 at 05:39PM Many organizations using CDN-provided WAF services are misconfiguring them, exposing back-end servers to direct attacks. This affects nearly 40% of Fortune 100 companies, including major brands. Researchers found that inadequate request validation and lack of security best practices are primary causes of this widespread vulnerability, making servers accessible to Internet … Read more
June 28, 2024 at 05:48AM The polyfill.io domain was suspended due to reports of malicious activity, with the Chinese owner claiming defamation. The domain was used to host polyfills, but reports of potential supply chain risks surfaced. Industry players like Google and Cloudflare took action, redirecting links and warning users. Funnull, the Chinese content delivery … Read more
June 27, 2024 at 11:56PM After its website shutdown, Polyfill.io’s owner battles accusations of distributing suspicious code on various websites. Anger-fueled social media posts target CDN titan Cloudflare and media for “malicious defamation.” Experts and a domain registrar warn of supply chain risks. The site has relocated to polyfill[.]com. Cloudflare also launches a JavaScript URL … Read more