#polyfill

Richi JenningsChinese company takes over widely used free web service—almost 400,000 websites at risk.Last week, we warned you to remove any dependencies on the <a href="https://vmst.io/tags/Polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#Polyfill</a>.io web browser fallback service. It’s been taken over by malicious actors and is being used in <a href="https://vmst.io/tags/SupplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#SupplyChain</a> attacks, say researchers.This week brings more research, showing the problem’s almost four times as big as we thought. And major public websites are still using it—including government services.It’s quite a worry. In <a href="https://vmst.io/tags/SBBlogwatch" class="mention hashtag" rel="nofollow noopener" target="_blank">#SBBlogwatch</a>, we daren’t even breathe on this house of cards. At @TechstrongGroup’s @SecurityBlvd: <a href="https://securityboulevard.com/2024/07/polyfill-supply-chain-richixb/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc" rel="nofollow noopener" translate="no" target="_blank">https://securityboulevard.com/2024/07/polyfill-supply-chain-richixb/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc</a>

Neil CraigThere's nothing new about using 3rd party-hosted assets. That's always been convenient but a terrible idea WRT security.Host *all* of your own assets (and version them). Simple but effective.<a href="https://mastodon.social/tags/PolyFill" class="mention hashtag" rel="nofollow noopener" target="_blank">#PolyFill</a> <a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a> <a href="https://mastodon.social/tags/WebDev" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebDev</a>

Infoblox Threat IntelPolyfill is going to linger for a longtime and the actors are clever. They will likely continue to change up things. Additional domains have been popping up in the wild, and we use DNS signatures to locate others. Here's our current list of related infrastructure. We have a funny story to share about Polyfill in a few weeks. Anyone got others mssing here? <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener" target="_blank">#dns</a> <a href="https://infosec.exchange/tags/polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#polyfill</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a> <a href="https://infosec.exchange/tags/tds" class="mention hashtag" rel="nofollow noopener" target="_blank">#tds</a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener" target="_blank">#phishing</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybercrime</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> static-file[.]net staticfile[.]org staticfile[.]net fzg999[.]com bootcdn[.]net union.macoms[.]la newcrbpc[.]com bootcss[.]com terncent[.]com bootcdn[.]cn xhsbpza[.]com staticsfile[.]org polyfill[.]com cdn.polyfill[.]io polyfill[.]io kuurza[.]com ut89.v.bsclink[.]cn 5f52353c.u.fn03[.]vip googie-anaiytics[.]com polyfill.io.bsclink[.]cn

InfoQ⚠️Security alert! Sansec unveiled a new supply chain attack targeting the <a href="https://techhub.social/tags/Polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#Polyfill</a> JS service when accessed through several CDNs hosting it.Over 100K sites impacted! Advise removing Polyfill from any sites using it!Dive into the details: <a href="https://bit.ly/4cp3oNR" rel="nofollow noopener" translate="no" target="_blank">https://bit.ly/4cp3oNR</a> <a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoQ</a> <a href="https://techhub.social/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://techhub.social/tags/CDN" class="mention hashtag" rel="nofollow noopener" target="_blank">#CDN</a> <a href="https://techhub.social/tags/CloudSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudSecurity</a> <a href="https://techhub.social/tags/SoftwareSupplyChain" class="mention hashtag" rel="nofollow noopener" target="_blank">#SoftwareSupplyChain</a>

stux⚡<a href="https://mstdn.social/tags/Polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#Polyfill</a> supply chain attack embeds malware in JavaScript CDN assetsOn June 25, 2024, the Sansec security research and malware team announced that a popular JavaScript polyfill project had been taken over by a foreign actor identified as a Chinese-originated company<a href="https://dev.to/snyk/polyfill-supply-chain-attack-embeds-malware-in-javascript-cdn-assets-55d6" rel="nofollow noopener" translate="no" target="_blank">https://dev.to/snyk/polyfill-supply-chain-attack-embeds-malware-in-javascript-cdn-assets-55d6</a>

Sam Stepanyan :verified: 🐘<a href="https://infosec.exchange/tags/Polyfill" class="mention hashtag" rel="nofollow noopener" target="_blank">#Polyfill</a>: <a href="https://infosec.exchange/tags/CDN" class="mention hashtag" rel="nofollow noopener" target="_blank">#CDN</a> Service “polyfill.io” Used by 100K+ Websites Provided Malicious Code in Responses:<a href="https://checkmarx.com/blog/alert-cdn-service-polyfill-io-used-by-100k-websites-provided-malicious-code-in-responses/" rel="nofollow noopener" translate="no" target="_blank">https://checkmarx.com/blog/alert-cdn-service-polyfill-io-used-by-100k-websites-provided-malicious-code-in-responses/</a>

Recent searches

Search options

Administered by:

Server stats: