Skip to content

polyfill.io domain attempted a supply chain attack

The polyfill (dot) io domain that’s been used in more than 100000 sites has attempted a supply chain attack and injects malicious code.

Please monitor suspicious activity on your accounts, system, etc.

Note that the polyfill (dot) io domain was never official in the first place, and was bought by a company in China at one point.

Developers: Use a reputable CDN.