Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Prevent AI-generated tech debt with Skeleton ...

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...

WordPress plugins are currently facing significant security risks due to a recent discovery detailed in a security advisory published by Patchstack today. The advisory references a Polyfill supply ...

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript ...

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...