#PolyfillIo

If you’re using Polyfill.io code on your site – like 100,000+ are – remove it immediately

by

June 25, 2024 at 07:58PM The polyfill.io domain, previously used to add JavaScript polyfills to websites, has been found serving malicious code, infecting over 100,000 sites. Security firms warn website owners to remove any embedded code from the domain. Google is blocking affected websites’ ads, and affected site owners are being notified. The domain’s sale … Read more

Polyfill.io JavaScript supply chain attack impacts over 100K sites

by

June 25, 2024 at 02:12PM The Polyfill.io service, used by over 100,000 sites, was compromised in a supply chain attack after being acquired by a Chinese company, leading to injection of malicious code. Cloudflare and Fastly set up mirrors to mitigate the risk, and Google warned advertisers of the issue impacting landing pages and causing … Read more