Cloudflare, a lead provider of content delivery network (CDN) services, cloud security, and DDoS protection has warned that it has not authorized the use of its name or logo on the Polyfill.io website ...

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has ...

Add Yahoo as a preferred source to see more of our stories on Google. When you buy through links on our articles, Future and its syndication partners may earn a commission. Credit: Shutterstock/Africa ...

One of the biggest digital supply chain attacks of the year was launched by a little-known company that redirected large numbers of internet users to a network of copycat gambling sites, according to ...

About 100,000 sites have potentially been compromised in a supply chain attack following an alleged Chinese firm’s takeover of a popular open-source library. The compromise involved the acquisition of ...

A domain that more than 100,000 websites use to deliver JavaScript code is now being used as a conduit for a Web supply chain attack that uses dynamically generated payloads, redirects users to ...

The big news this week was that OpenSSH has an unauthorized Remote Code Execution exploit. Or more precisely, it had one that was fixed in 2006, that was unintentionally re-introduced in version 8.5p1 ...

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily ...

UPDATE 6/28: Domain registrar Namecheap has shut down the Polyfill .io domain, thereby eliminating the previous issue posed to almost 500,000 websites, web security firm C/Side CEO Simon Wijckmans ...

The recent supply chain attack targeting the popular Polyfill.io JavaScript library is significantly larger than first thought. New research from Censys reveals that over 380,000 web servers worldwide ...