[kwlug-disc] ***SPAM*** Polyfill.io: Another supply chain attack
Khalid Baheyeldin
kb at 2bits.com
Wed Jun 26 14:56:20 EDT 2024
Polyfill.io: a web library cloud service that is in use by many sites, is
now a provider of malware, after being acquired, and used as a supply chain
vector.
https://thehackernews.com/2024/06/over-110000-websites-affected-by.html
https://sansec.io/research/polyfill-supply-chain-attack
Some Drupal modules use polyfill.io, and the Drupal security team issued a
public service announcement about it.
https://www.drupal.org/psa-2024-06-26
--
Khalid M. Baheyeldin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20240626/d3c27a1f/attachment.htm>
More information about the kwlug-disc
mailing list