#CDNSecurity

Cloudflare: We never authorized polyfill.io to use our name

by

June 27, 2024 at 05:25AM Cloudflare issues a warning about the unauthorized usage of its name and logo on Polyfill.io, as the latter was involved in a supply chain attack injecting malware on websites. Cloudflare automatically replaces polyfill.io links with safe ones for user safety. An automatic URL rewriting service has been released for Cloudflare … Read more

If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately

by

June 25, 2024 at 07:58PM The polyfill.io domain, previously used to add JavaScript polyfills to websites, has been found serving malicious code, infecting over 100,000 sites. Security firms warn website owners to remove any embedded code from the domain. Google is blocking affected websites’ ads, and affected site owners are being notified. The domain’s sale … Read more