Open SrslyJosh opened 2 months ago
TL;DR: A malicious company bought the polyfill.io domain and is using cdn.polyfill.io to selectively redirect clients to a sports betting site. This apparently has affected an enormous number of sites.
Report here: https://sansec.io/research/polyfill-supply-chain-attack
Please consider adding cdn.polyfill.io to the block list.
Thanks!
TL;DR: A malicious company bought the polyfill.io domain and is using cdn.polyfill.io to selectively redirect clients to a sports betting site. This apparently has affected an enormous number of sites.
Report here: https://sansec.io/research/polyfill-supply-chain-attack
Please consider adding cdn.polyfill.io to the block list.
Thanks!