An attacker tampered with trusted JavaScript files used by WordPress sites running PushEngage, OptinMonster, and TrustPulse, turning those files into a way to break into the sites. When a site ...
We are looking for contributors. Please check open issues in the above repos if you think you could help, or open a new one if you have an idea you'd like to discuss. jsDelivr is a free CDN for ...
Claims, counterclaims, website shutdowns, redirections and DDoS attacks were among the highlights (or lowlights) as news of the Polyfill supply chain attack entered its second day. After Polyfill(.)io ...
Polyfill, a JavaScript CDN service, claimed to be defamed and relaunched on a new domain after researchers exposed it for delivering malicious code on more than 1,00,000 websites. The service claimed ...
The polyfill.io domain is being used to infect more than 100,000 websites with malicious code after what's said to be a Chinese organization bought the domain earlier this year, researchers have said.
Tech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials. The recent large scale supply chain attack conducted ...