On 24 June 2024, cybersecurity company Sansec published a security advisory detailing how an associated Polyfill domain (cdn.polyfill[.]io) was being used to insert malicious code in scripts served to mobile end users in a web supply chain attack. Polyfill is a popular open-source JavaScript library embedded in more than 100,000 websites to provide polyfills, a … Polyfill Supply Chain Attack Impacts 100K+ Sites
Article Link: Polyfill Supply Chain Attack Impacts 100K+ Sites | Arctic Wolf