all InfoSec News
Polyfill Supply Chain Attack: What It Is and How to Know If You’re Affected
June 27, 2024, 9:23 p.m. | Michael Kucek@veracode.com (Michael Kucek)
Application Security Research, News, and Education Blog www.veracode.com
Overview of Polyfill Supply Chain Attack
On June 25th, 2024, researchers at Sansec disclosed a supply chain attack affecting the polyfill.io content delivery network domain. This domain distributes the open-source polyfill.js library, which increases the compatible feature set of older browsers. In February 2024, the Chinese company Funnull acquired the polyfill.io domain. Sometime after that, the polyfill.io CDN began distributing malicious …
attack content delivery delivery domain june network polyfill researchers respond sansec supply supply chain supply chain attack
More from www.veracode.com / Application Security Research, News, and Education Blog
Jobs in InfoSec / Cybersecurity
Senior Corporate & Commercial Counsel
@ Armis Security | North Carolina, United States
Senior Corporate & Commercial Counsel
@ Armis Security | Georgia, United States
Senior Corporate & Commercial Counsel
@ Armis Security | Boston, Massachusetts, United States
Senior Corporate & Commercial Counsel
@ Armis Security | Austin, Texas, United States
IP Network Engineer
@ Rogers Communications | Calgary, AB, CA
Global Product Manager
@ Vodafone | London, GB