all InfoSec news
Researchers Warn of Widespread Polyfill Supply Chain Attack
Malware Analysis, News and Indicators - Latest topics malware.news
A popular JavaScript library used by more than 100,000 websites has been injecting malicious code into pages delivered to mobile users in some circumstances and researchers and CDN providers are warning site owners to remove the library immediately.
The incident began earlier this week when researchers noticed that in some cases, the polyfill.io library was injecting dynamic code that would redirect users to a third-party site. Researchers estimate more than 100,000 sites are affected by this at the moment. Polyfill.io …
attack cases cdn code incident javascript library malicious mobile polyfill popular remove researchers supply supply chain supply chain attack warning websites week