<div dir="ltr"><div class="gmail_default" style="font-size:small"><table class="element" width="100%" cellspacing="0" cellpadding="5" border="0"><tbody><tr><td class="gmail-table">Polyfill.io: a web library cloud service that is in use by many sites, is now a provider of malware, after being acquired, and used as a supply chain vector. <br><br><a href="https://thehackernews.com/2024/06/over-110000-websites-affected-by.html">https://thehackernews.com/2024/06/over-110000-websites-affected-by.html</a><br><br><a href="https://sansec.io/research/polyfill-supply-chain-attack">https://sansec.io/research/polyfill-supply-chain-attack</a><br><br>Some Drupal modules use <a href="http://polyfill.io">polyfill.io</a>, and the Drupal security team issued a public service announcement about it.<br><br><a href="https://www.drupal.org/psa-2024-06-26">https://www.drupal.org/psa-2024-06-26</a></td></tr><tr><td class="gmail-table"><br></td><td class="gmail-table"><br></td></tr></tbody></table></div><span class="gmail_signature_prefix">-- </span><br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature">Khalid M. Baheyeldin<br><br></div></div>