all InfoSec news
The Pollyfill.io software supply chain attack: Lessons learned
Malware Analysis, News and Indicators - Latest topics malware.news
See RL's Joshua Knox break down the Polyfill.io supply chain attack on YouTube.
The cybersecurity firm Sansec this week disclosed a significant software supply chain attack that leveraged the content delivery network (CDN) Pollyfill.io. The CDN, used by a countless number of websites, was pushing out malicious code and redirecting a significant number of Internet users to spam sites.
Pollyfill.io was a community-run CDN service that was bought by Funnull, a Chinese company, in February. Researcher Andrew Betts, …
attack cdn code content delivery cybersecurity delivery down lessons learned malicious network polyfill sansec software software supply chain software supply chain attack supply supply chain supply chain attack websites week youtube