Open KonerDev opened 1 week ago
On the page https://javascript.info/polyfills there is a link to polyfill.io, which is found to serve malware because the site was sold to a Chinese company. Instead, replace it with a link from the Github repository, which as far as I know is not affected: https://github.com/polyfillpolyfill/polyfill-service
The polyfill.io site is currently offline.
https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ https://sansec.io/research/polyfill-supply-chain-attack
I've raised a PR for this
CSKishan
commented
6 days ago CSKishan
commented
6 days ago
Describe the bug
On the page https://javascript.info/polyfills there is a link to polyfill.io, which is found to serve malware because the site was sold to a Chinese company. Instead, replace it with a link from the Github repository, which as far as I know is not affected: https://github.com/polyfillpolyfill/polyfill-service
The polyfill.io site is currently offline.
Sources
https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ https://sansec.io/research/polyfill-supply-chain-attack