The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 ...

Cloudflare similarly states that Polyfill's .io domain cannot be trusted, and has shared a solution for any domain Cloudflare proxies. The Polyfill domain in question is falsely stating that ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Cory Benfield discusses the evolution of ...

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a ...

One of the biggest digital supply chain attacks of the year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to ...

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...

About 100,000 sites have potentially been compromised in a supply chain attack following an alleged Chinese firm’s takeover of a popular open-source library. The compromise involved the acquisition of ...

The recent supply chain attack targeting the popular Polyfill.io JavaScript library is significantly larger than first thought. New research from Censys reveals that over 380,000 web servers worldwide ...

Add Yahoo as a preferred source to see more of our stories on Google. When you buy through links on our articles, Future and its syndication partners may earn a commission. Credit: Shutterstock/Africa ...

Website administrators are being urged to remove the Polyfill.io service immediately after it was found to be serving malware to site visitors. A polyfill is a piece of code (typically JavaScript) ...