Polyfill Panic: 384,000 Websites Unwittingly Link to Malicious Code, Big Names Affected

Polyfill.io’s supply-chain attack has 384,000 websites redirecting to malicious sites. The JavaScript code, once a legitimate tool for legacy browsers, was hijacked after a February acquisition by China-based Funnull. Major companies and even government sites are affected, highlighting the vast reach of such attacks.

3P
Published: July 5, 2024 8:09 pmAdded: July 5, 2024 at 1:16 pmAssembled by: The Editor
Pro Dashboard

Hot Take:

Who knew that the bridge to the future of web compatibility would turn into a toll booth for malware? It’s like finding out your favorite ice cream shop is now selling broccoli-flavored cones. Let’s just say, the JavaScript party turned into a malicious masquerade ball real quick.

Key Points:

  • More than 384,000 websites linked to a compromised JavaScript code site.
  • The site, Polyfill[.]com, was acquired by a China-based company, Funnull.
  • Malicious code redirected users to adult and gambling sites under specific conditions.
  • Industry-wide actions included domain suspension, ad blocking, and link replacement.
  • Major companies and even the federal government were affected.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?