Techly NewsGet the app

Get the latest tech news

384,000 Sites Pull Code From Sketchy Code Library Recently Bought By Chinese Firm


An anonymous reader quotes a report from Ars Technica: More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate...

On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites. The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Chinese

Chinese

Photo of Sites

Sites

Photo of Code

Code

Related news:

News photo

Chinese EV makers bypass EU and US tariff roadblock by turning towards Africa

News photo

Tesla Cars Make It Onto a Chinese Province’s Procurement List

News photo

We've banned Chinese telco kit and drones. Next: Mountain bikes?

« Five common English words we don't know the origins of–including 'boy' and 'dog'
Intel IDXD Driver To Better Handle Accelerators In Event Of Hardware Errors »