GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
GIGAZINE

The registrar has suspended the domain of the JavaScript library 'Polyfill.io' after it was discovered to be infected with malware.

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...
TechRadar

Thousands of websites told to ditch Polyfill service after Chinese hackers hijack it to serve malware

Website administrators are being urged to remove the Polyfill.io service immediately after it was found to be serving malware to site visitors. A polyfill is a piece of code (typically JavaScript) ...
Ars Technica

384,000 sites pull code from sketchy code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript ...
Infosecurity-magazine.com

WordPress Plugins at Risk From Polyfill Library Compromise

WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply ...