Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator | allinfosecnews.com

June 28, 2024, 1 p.m. | Ax Sharma

BleepingComputer www.bleepingcomputer.com

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a common operator. Researchers discovered a public GitHub repository with leaked API keys helping them draw a conclusion. [...]

api api keys attack github github repository helping keys large leaked millions polyfill public repository researchers scale security supply supply chain supply chain attack websites

More from www.bleepingcomputer.com / BleepingComputer

Google Chrome to let Isolated Web App access sensitive USB devices 9 hours ago | www.bleepingcomputer.com

access api app apps +16

Juniper releases out-of-cycle fix for max severity auth bypass flaw 15 hours ago | www.bleepingcomputer.com

address assurance auth authentication +20

Dev rejects CVE severity, makes his GitHub repo read-only 16 hours ago | www.bleepingcomputer.com

bogus cve cves dev +14

Fake IT support sites push malicious PowerShell scripts as Windows fixes 16 hours ago | www.bleepingcomputer.com

devices error errors fake +13

Microsoft resumes rollout of Windows 11 KB5039302 update for most users 1 day, 13 hours ago | www.bleepingcomputer.com

blocking june microsoft resumes +6

Hackers exploit critical D-Link DIR-859 router flaw to steal passwords 1 day, 15 hours ago | www.bleepingcomputer.com

account collect critical critical vulnerability +17

Meet Brain Cipher — The new ransomware behind Indonesia's data center attack 1 day, 16 hours ago | www.bleepingcomputer.com

attack attention brain center +11

Infosys McCamish says LockBit stole data of 6 million people 2 days, 12 hours ago | www.bleepingcomputer.com

attack data information infosys +10

Dairy giant Agropur says data breach exposed customer info 2 days, 14 hours ago | www.bleepingcomputer.com

america breach customer customers +10

Consultant Sénior Cyber Sécurité H/F

@ Hifield | Lyon, France

View on infosec-jobs.com

Information Security & Resilience Analyst APAC

@ abrdn | Singapore

View on infosec-jobs.com

Technical Product Engineer

@ Palo Alto Networks | Tel Aviv-Yafo, Israel

View on infosec-jobs.com

Azure Cloud Architect

@ Version 1 | Dublin, Ireland

View on infosec-jobs.com

Junior Pen Tester

@ Vertiv | Pune, India

View on infosec-jobs.com

Information Security GRC Director

@ IQ-EQ | Hyderabad, India

View on infosec-jobs.com