The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to "https://cdn.polyfill\[.\]io" or "https://cdn.polyfill\[.\]com" in their HTTP responses, the attack
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill\[.\]io" or "https://cdn.polyfill\[.\]com" in their HTTP responses, the attack
https://thehackernews.com/2024/07/polyfillio-attack-impacts-over-380000.html