en.javascript.info icon indicating copy to clipboard operation
en.javascript.info copied to clipboard

Published 20 hours ago verified publisher icon javascript-tutorial

Remove the link to polyfill.io, which is found to serve malware

Open KonerDev opened this issue 8 months ago • 1 comments

Describe the bug

On the page https://javascript.info/polyfills there is a link to polyfill.io, which is found to serve malware because the site was sold to a Chinese company. Instead, replace it with a link from the Github repository, which as far as I know is not affected: https://github.com/polyfillpolyfill/polyfill-service

The polyfill.io site is currently offline.

Sources

https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ https://sansec.io/research/polyfill-supply-chain-attack

KonerDev avatar Jun 28 '24 14:06 KonerDev