Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies

The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024.
This includes references to « https://cdn.polyfill[.]io » or « https://cdn.polyfill[.]com » in their HTTP responses, the attack