179
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 04 Jul 2024
179 points (96.9% liked)
Technology
55960 readers
3802 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
This is the best summary I could come up with:
]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren’t natively supported.
On June 25, researchers from security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites.
Even then, content delivery networks such as Cloudflare began automatically replacing pollyfill links with domains leading to safe mirror sites.
The findings underscore the power of supply-chain attacks, which can spread malware to thousands or millions of people simply by infecting a common source they all rely on.
“Since the domain was suspended, the supply-chain attack has been halted,” Aidan Holland, a member of the Censys Research Team, wrote in an email.
What’s more, the Internet scan performed by Censys found more than 1.6 million sites linking to one or more domains that were registered by the same entity that owns polyfill[.]io.
The original article contains 645 words, the summary contains 148 words. Saved 77%. I'm a bot and I'm open source!