OSTechNix

JavaScript Timestamp Bugs: How UTC Mistakes Break Web Apps

Learn how a single JavaScript Date() timezone mistake silently corrupts web apps and how to fix timestamp bugs in JS, Python, cron jobs, MySQL, and React SSR.
GitHub

jsDelivr - Open Source CDN

We are looking for contributors. Please check open issues in the above repos if you think you could help, or open a new one if you have an idea you'd like to discuss. jsDelivr is a free CDN for ...
SecurityWeek

Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys

Censys has discovered more than 380,000 hosts, including major platforms, still referencing the malicious polyfill.io domain. JavaScript scripts referencing the recently suspended polyfill.io domain ...
Candid Today Press

Polyfill claims defamation, returns on new domain after shutdown

Polyfill, a JavaScript CDN service, claimed to be defamed and relaunched on a new domain after researchers exposed it for delivering malicious code on more than 1,00,000 websites. The service claimed ...
thecyberexpress

Polyfill Supply Chain Attack Could Affect 4% of the Web; Shutdowns, DDoS Attacks Among Spillover

Claims, counterclaims, website shutdowns, redirections and DDoS attacks were among the highlights (or lowlights) as news of the Polyfill supply chain attack entered its second day. After Polyfill(.)io ...
theregister

If you're using Polyfill.io code on your site – like 100,000+ are – remove it immediately

The polyfill.io domain is being used to infect more than 100,000 websites with malicious code after what's said to be a Chinese organization bought the domain earlier this year, researchers have said.
Bleeping Computer

Latest Polyfill.io news

The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected up to tens of millions of websites has been traced to a ...