Website administrators are being urged to remove the Polyfill.io service immediately after it was found to be serving malware to site visitors. A polyfill is a piece of code (typically JavaScript) ...

Cloudflare, a lead provider of content delivery network (CDN) services, cloud security, and DDoS protection has warned that it has not authorized the use of its name or logo on the Polyfill.io website ...

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has ...

Cloudflare similarly states that Polyfill's .io domain cannot be trusted, and has shared a solution for any domain Cloudflare proxies. The Polyfill domain in question is falsely stating that ...

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...

More details have emerged surrounding FUNNULL, the company that bought the Polyfill.io service and used it to launch a major supply chain attack? New research claims the service is now being used as ...

WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply ...

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...

One of the biggest digital supply chain attacks of the year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to ...