InfoQ

Over 100K+ Sites Hit by Polyfill.io Supply Chain Attack

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Prevent AI-generated tech debt with Skeleton ...
GIGAZINE

Malware infects JavaScript library 'Polyfill.io' affecting over 100,000 websites

Polyfill.io, a JavaScript library that nullifies differences between web browser versions, was infected with malware and used in supply chain attacks after the project owner changed in February 2024, ...
GitHub

Babel/core-js URL polyfill breaks Webpack's new URL() for Web Workers

When @babel/preset-env targets an older browser environment (e.g., chrome >= 52) that lacks native support for the new URL(..., import.meta.url) syntax, it injects a polyfill for the URL constructor ...
GIGAZINE

The registrar has suspended the domain of the JavaScript library 'Polyfill.io' after it was discovered to be infected with malware.

Domain registrar Namecheap has suspended the domain of Polyfill.io, a JavaScript library that was found to be infected with malware. Namecheap Takes Down Polyfill.io ...
CSOonline

Formerly legitimate Polyfill.io domain abused to serve malicious code

A site formerly used to host a service geared towards adding JavaScript polyfills to web pages to ensure compatibility with older browsers is being abused to serve malicious scripts as part of a ...
Dark Reading

Polyfill.io Supply Chain Attack Smacks Down 100K+ Websites

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...
GitHub

modulexcite/css-regions-polyfill-1

Use standard CSS regions syntax on the same page. #content{ /* pull content into a named flow */ flow-into: myflow; } .region{ /* flow the content into other boxes */ flow-from: myFlow; width: 200px; ...