Search
Items tagged with: polyfillio
From cyberplace.social/@GossiTheDog…
All credit to @GossiTheDog
Without CDN/Archived: web.archive.org/web/sansec.io/…
Polyfill[.]io is now serving malware.
This is why you should not rely embed third party scripts on your website.
Only load JavaScript from domains you own - and preferably, only load JavaScript you/your organization wrote.
Third party JavaScript is and will always be a threat to privacy and security.
Polyfill supply chain attack hits 100K+ sites
The new Chinese owner of the popular Polyfill JS project injects malware into more than 100 thousand sites.Sansec
uBlock Origin has blocklisted PolyfillIO in it's badware list.
github.com/uBlockOrigin/uAsset…
#uBlockOrigin #polyfillio #polyfillioattack
Add polyfill.io as badware due to supplychain attack by SISheogorath · Pull Request #24255 · uBlockOrigin/uAssets
URL(s) where the issue occurs polyfill.io / cdn.polyfill.io Describe the issue This patch adds polyfill.io to badware.txt due to an ongoing supplychain attack using the domain and its subdomains. R...GitHub