GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
GIGAZINE

The registrar has suspended the domain of the JavaScript library 'Polyfill.io' after it was discovered to be infected with malware.

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...
PC Magazine

Domain That Redirected Hulu, 491K+ Other Websites to Porn Gets Shut Down

The Polyfill domain was reportedly sold to a Chinese company, dubbed Funnull, back in February. A site linked to data protection firm Leak Signal notes: "There are many risks associated with allowing ...
TechRadar

Thousands of websites told to ditch Polyfill service after Chinese hackers hijack it to serve malware

Website administrators are being urged to remove the Polyfill.io service immediately after it was found to be serving malware to site visitors. A polyfill is a piece of code (typically JavaScript) ...
Infosecurity-magazine.com

WordPress Plugins at Risk From Polyfill Library Compromise

WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply ...
Dark Reading

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...