Sources
Loading...
Additional media
Loading...
DeepNewz, mobile.
People-sourced. AI-powered. Unbiased News.
A supply chain attack has compromised over 491,000 websites through a domain takeover. The incident began on June 26 when a Chinese company acquired a domain and modified the JavaScript library 'polyfill.js' to redirect users to malicious and scam sites. Google has taken steps to block ads for e-commerce sites using the compromised service. The attack has affected over 100,000 websites, including Hulu, and has prompted alerts from Google, Cloudflare, and multiple cybersecurity firms and software engineers.
It's now over 48h since the Polyfill incident started. Many threatfeeds are still not flagging it... over 491000 sites impacted and looking at other hijacked domains like bootcdn[.]net and staticfile[.]org many more impacted too https://t.co/VS2dcFt2qH
When A Cyberattack Takes Down Your Supply Chain Software #supplychain #logistics #security https://t.co/mkIwSmaUNE
Google, Cloudflare, and over half a dozen cybersecurity firms and software engineers are sounding the alarm about a compromised web domain plugged into over 100,000 sites, including Hulu: https://t.co/Zda45waFpW
