June 26, 2024 at 07:07AM Over 100,000 websites have been targeted by a supply chain attack injecting malware through a Polyfill domain, as reported by SecurityWeek. Based on the meeting notes, it appears that a supply chain attack involving the injection of malware through a Polyfill domain has impacted over 100,000 websites. This information was … Read more
June 26, 2024 at 01:01AM Google has blocked ads for e-commerce sites using Polyfill.io due to a supply chain attack. The Chinese company Funnull acquired the domain and altered the JavaScript library to redirect users to malicious sites, impacting over 110,000 sites. Concerns have been raised about the security and maintenance of the library, prompting … Read more
April 5, 2024 at 01:24PM Magecart attackers have devised a new method of implanting persistent backdoors in e-commerce websites to automatically deploy malware. They exploit a critical command injection vulnerability in the Adobe Magento e-commerce platform to execute arbitrary code, using a layout template to inject malware into compromised sites. Upgrading to specific versions of … Read more