Group items tagged

Google has taken steps to block ads for e commerce sites that use Polyfill.io service after Chinese company acquired the domain and modified the Javascript library to redirect users to scam and malicious sites. Polyfill is famous library that incorporates help for functions in web browsers. China based content delivery network CDN company Funnull. Over 110,000 sites that embed the library  are affected by supply chain attack. Sansec add in Tuesday report. The development urges web infrastructure providers Fastly and Cloudflare to offer other endpoints to assist users move away from polyfill.jo. The original creator of the project Andrew Betts said website owners to remove it urgently no website today requires any of polyfills in the polyfill .jo library. Most features add to web platform are adopted by mega browsers with few exceptions that can not be polyfilled anyway like Web Bluetooth and Web Serial. Such an attack occur if underlying third party is compromised or changes the code being served to end users in bad method causing  all websites using tool to be compromised. The code has protection against reverse engineering and only activates on special mobile devices at special hours. It does not activate when it detects an admin user. it delays execution when web analytics services is found presumably not end up in stats. San Francisco based c/side has issued an alert of its own domain maintainers added a Cloudflare Security Protection header to their site between March 7 and 8 2024. The Dutch e commerce security firm said domain "cdn.polfill.jo" has caught injecting malware that redirects user to sports betting and pornographic sites. The findings follow an advisory about security flaw impacting Adobe Commerce and Magento websites that continues to remain unpatched despite solution available since June 11 2024. It has emerged that 3rd parties can gain API admin reach without requiring a Linux version vulnerable to iconv issue making it more dangero