Over 100,000 websites compromised after Polyfill.io gets exploited by Chinese company


Source: techspot.com techspot.com

Key Topics in this News Article:

News Snapshot:

In context: Polyfills are snippets of JavaScript code that provide modern features on older web browsers. There's nothing wrong with polyfills per se, but miscreants and cyber-criminals can easily abuse them to turn legit websites into threats against visitors. Originally developed as an open-source project for offering JS polyfills to third-party developers, the polyfill.io domain is now a dangerous internet threat. Earlier this week, security analysts discovered that a mysterious Chinese entity named Funnull is abusing the domain to inject malicious code into websites. Funnull is a content distribution network (CDN) provider believed to be operated by Chinese cyber-criminals, although...