Techly NewsGet the app

Get the latest tech news

Namecheap Takes Down Polyfill.io Service Following Supply Chain Attack


Polyfill.io has been serving malware for months via its CDN, after the project's open source maintainer sold the service to a company based in China.

Those impacted include high-profile users Atlassian, Sendgrid, JSTOR, Intuit, the World Economic Forum, FlatIcon, SiteGround, and many government websites. Shortly after the sale in February, Fastly DevRel Andrew Betts, who created the Polyfill Service Project, urged people to remove polyfill.io immediately from their websites. Notos CTO Renaud Chaput posted to the FormatJS repository, warning against the project recommending the service in a GitHub issue months ago.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of service

service

Photo of Supply chain attack

Supply chain attack

Related news:

News photo

NTT Data and Zebra Technologies partner on private 5G and device as a service

News photo

Plugins on WordPress.org backdoored in supply chain attack

News photo

Open Source ChatGPT Clone 'LibreChat' Lets You Use Every AI Service - While Owning Your Data

« Apple Pauses Work On Planned North Carolina Campus
Korean telco allegedly infected its P2P users with malware »