Bleeping Computer

Cloudflare: We never authorized polyfill.io to use our name

Cloudflare, a lead provider of content delivery network (CDN) services, cloud security, and DDoS protection has warned that it has not authorized the use of its name or logo on the Polyfill.io website ...
Bleeping Computer

Polyfill.io JavaScript supply chain attack impacts over 100K sites

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and ...
Ars Technica

384,000 sites pull code from sketchy code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript ...
TechSpot

Over 100,000 websites compromised after Polyfill.io gets exploited by Chinese company

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...
TechRadar

Thousands of websites told to ditch Polyfill service after Chinese hackers hijack it to serve malware

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Website administrators are being urged to remove the Polyfill.io service immediately after it was ...
SiliconANGLE

Supply chain attack compromises 100,000 websites via polyfill.io domain takeover

About 100,000 sites have potentially been compromised in a supply chain attack following an alleged Chinese firm’s takeover of a popular open-source library. The compromise involved the acquisition of ...