all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

Add to bookmarks
July 5, 2024, 4:18 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack

attack censys companies domain findings hosts javascript july library major malicious polyfill scope script supply supply chain supply chain attack targeting thought

Visit resource

More from thehackernews.com / The Hacker News

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries an hour ago | thehackernews.com
america american attacks banking +20
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service 4 hours ago | thehackernews.com
attacker backdoors breach code +17
Apple Removes VPN Apps from Russian App Store Amid Government Pressure 4 hours ago | thehackernews.com
app apple apps communications +26
Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks 2 days, 22 hours ago | thehackernews.com
advanced alert attacks breaches +30
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers 2 days, 23 hours ago | thehackernews.com
above akamai april attack +22
Blueprint for Success: Implementing a CTEM Operation 3 days ago | thehackernews.com
article attack attack surface business +9
GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks 3 days, 2 hours ago | thehackernews.com
analysis attacks compromised cybereason +9
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies 3 days, 7 hours ago | thehackernews.com
attack censys companies domain +15
New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks 3 days, 7 hours ago | thehackernews.com
attacks botnet called command +13

Jobs in InfoSec / Cybersecurity

Find Talent

Data Engineer

@ Capco | Switzerland - Zurich
View on infosec-jobs.com

Sr Principal Systems Engineer - Active Top Secret Required

@ General Dynamics Information Technology | USA DC Washington - Customer Proprietary (DCC076)
View on infosec-jobs.com

Software Engineer III

@ Walmart | IN KA BANGALORE Home Office Building 10
View on infosec-jobs.com

Аналитик Информационной безопасности

@ Future Open Technology Group | Tashkent, Tashkent, Uzbekistan
View on infosec-jobs.com

Staff Red Team Engineer

@ Palo Alto Networks | Santa Clara, CA, United States
View on infosec-jobs.com

Network Security Engineer

@ Jane Street | London, England, United Kingdom
View on infosec-jobs.com