More than 100K sites impacted by Polyfill supply chain attack

Polyfill.js is a popular open-source project that provides modern functionality on older browsers that do not support it natively; users embed it using the cdn.polyfill.io domain. On February 24, 2024, a Chinese company named Funnull acquired both the domain and the GitHub account. Following that acquisition, the developer, Andrew Betts, posted a warning on his X account urging all of his service’s users to remove any reference to polyfill from their code.

TeamViewer Corporate Network Breached in Alleged APT Attack

In a concerning development, TeamViewer, one of the world's leading remote access software providers, has disclosed a cyber attack that breached its corporate network environment. The incident was first detected on June 26, 2024, when TeamViewer's security team identified irregularities in their internal IT infrastructure. Responding swiftly, TeamViewer activated its incident response procedures and engaged renowned cybersecurity experts to investigate and mitigate the breach.

Polyfill Supply Chain Attack Injects 100,000+ Websites with Malware via CDN Assets

Polyfill.js is a JavaScript library that helps old browsers run modern features they do not support natively. The library is popular among developers because it helps them offer a consistent user experience regardless of the user's browser environment. In February 2024, a Chinese company bought the domain polyfill.io and the GitHub account associated with it. Since then, they’ve been serving malware via cdn.polyfill.io, as pointed out by the team at Sansec.

Risks for Polyfill.io Users

Earlier this year, a Chinese company named Funnull acquired polyfill.io. Following this acquisition, the polyfill code was used to redirect mobile visitors to scam sites. Over 100,000 websites using the previously popular Polyfill JS open-source project are vulnerable to attacks that redirect traffic to sports betting and pornography sites.

The Real-World Threat of Cyberattacks on Water Infrastructure

Do you remember the last time you didn’t have water? Reliable water delivery is something many of us take for granted. Our local water treatment plant sits at the edge of our neighborhood, and I pass it every day on my way to take the kids to school. Not a lot seems to go on there, so it never occurred to me that I should be concerned about an attack on this critical infrastructure. What does occur to me is the possibility of a cyberattack on our water system.

CDK Global Cyber Incident Shows the Need for Better Supply Chain Security

CDK Global, a company that provides software for thousands of auto dealers, was hit by back-to-back cyberattacks on June 19. These attacks led to an outage that continued to impact many of their sales operations on Friday, according to the Associated Press. CDK told multiple news outlets that it is "actively investigating a cyber incident," and the company shut down all of its systems out of an abundance of caution.

Snowflake Breach Attack Insights

The recent attack on Snowflake accounts underscores a critical lesson for all cloud users: securely managing identities and access is paramount under the shared responsibility model. As more organizations leverage cloud services, it’s essential to understand that security is a collaborative effort between the service provider and the customer.