#CloudflareAlert

Polyfill claims it has been ‘defamed’, returns after domain shut down

by

June 27, 2024 at 06:57AM The Polyfill.io JavaScript CDN service was shut down due to researchers discovering malicious code being delivered to over 100,000 websites. The service has since been relaunched on a new domain, polyfill.com, claiming to have no supply chain risks. However, doubts remain due to security practitioners’ findings and concerns raised by … Read more

Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack

by

June 26, 2024 at 01:01AM Google has blocked ads for e-commerce sites using Polyfill.io due to a supply chain attack. The Chinese company Funnull acquired the domain and altered the JavaScript library to redirect users to malicious sites, impacting over 110,000 sites. Concerns have been raised about the security and maintenance of the library, prompting … Read more