Polyfill.io Supply Chain Attack
Summary
Invicti identified the use of Polyfill.io in the target web server's HTTP response.
Polyfill.io, a widely used JavaScript library, was compromised following its acquisition by Funnull, a China-based CDN company. Malicious code was injected into the library, redirecting users to harmful websites.
Impact
Affected Users:
Over 110,000 websites
Nature of Malicious Activity:
- Redirecting users to sports betting and pornographic sites.
- Specific activation on certain mobile devices at particular times.
- Delayed execution to evade web analytics detection.
- Avoidance of activation when an admin user is detected.
Remediation
Immediate Action: Remove Polyfill.io from affected websites and replace it with secure alternatives provided by Cloudflare and Fastly.
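The check below is an added example, not Invicti's own detection logic: it scans an HTTP response body for script tags loading from polyfill.io (including subdomains such as cdn.polyfill.io and protocol-relative URLs) so the references can be located and replaced as the remediation step requires. The sample HTML is constructed for the example.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# The page names polyfill.io; treat that domain and any subdomain as flagged.
FLAGGED_HOSTS = {"polyfill.io"}


def _is_flagged(host):
    host = host.lower().rstrip(".")
    return any(host == h or host.endswith("." + h) for h in FLAGGED_HOSTS)


class _ScriptSrcCollector(HTMLParser):
    """Collect the src attribute of every <script> tag in the document."""

    def __init__(self):
        super().__init__()
        self.srcs = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "script":
            for name, value in attrs:
                if name.lower() == "src" and value:
                    self.srcs.append(value.strip())


def find_polyfill_references(html_body):
    """Return the script src values in html_body that load from polyfill.io."""
    parser = _ScriptSrcCollector()
    parser.feed(html_body)
    parser.close()
    hits = []
    for src in parser.srcs:
        # Protocol-relative URLs (//host/path) need a scheme before urlsplit
        # will populate .hostname.
        candidate = "https:" + src if src.startswith("//") else src
        host = urlsplit(candidate).hostname
        if host and _is_flagged(host):
            hits.append(src)
    return hits


# Constructed sample response body; not captured from any real site.
SAMPLE_HTML = """<html><head>
<script src="https://cdn.polyfill.io/v3/polyfill.min.js?features=default"></script>
<script src="//polyfill.io/v3/polyfill.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.1/jquery.min.js"></script>
<script src="https://notpolyfill.io/x.js"></script>
</head><body></body></html>"""

if __name__ == "__main__":
    for hit in find_polyfill_references(SAMPLE_HTML):
        print("flagged:", hit)
```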