The polyfill.js
file is a popular open-source library to ensure old browsers compatibility when evaluating JavaScript code. Starting February 2024, the domain polyfill.io
and the related GitHub account have been purchased by a malicious threat actor to inject malwares in all web applications relying on, at least, the cdn.polyfill.io
domain. The polyfill.js
file cannot be trusted anymore as the malicious code could have been redistributed on other CDNs or locally copied in various plugins.
No source data