The owners of Polyfill.io have relaunched the JavaScript CDN service on a new domain after polyfill.io was shut down as researchers exposed it was delivering malicious code on upwards of 100,000 ...

One of the biggest digital supply chain attacks of the year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to ...

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...

Website administrators are being urged to remove the Polyfill.io service immediately after it was found to be serving malware to site visitors. A polyfill is a piece of code (typically JavaScript) ...

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a ...

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...

Remember FUNNULL, the company that bought the Polyfill.io service and used it to launch a major supply chain attack? New research says that the service is now being used as part of an enormous ...

The recent supply chain attack targeting the popular Polyfill.io JavaScript library is significantly larger than first thought. New research from Censys reveals that over 380,000 web servers worldwide ...