#polyfillio โ Public Fediverse posts
Live and recent posts from across the Fediverse tagged #polyfillio, aggregated by home.social.
-
What CVE should I use for the Polyfill[.]io supply chain attack? I see that CVE-2024-38526 exists, but it's specifically for pdoc. Is there a better one?
:boost_love:
-
What CVE should I use for the Polyfill[.]io supply chain attack? I see that CVE-2024-38526 exists, but it's specifically for pdoc. Is there a better one?
:boost_love:
-
What CVE should I use for the Polyfill[.]io supply chain attack? I see that CVE-2024-38526 exists, but it's specifically for pdoc. Is there a better one?
:boost_love:
-
What CVE should I use for the Polyfill[.]io supply chain attack? I see that CVE-2024-38526 exists, but it's specifically for pdoc. Is there a better one?
:boost_love:
-
What CVE should I use for the Polyfill[.]io supply chain attack? I see that CVE-2024-38526 exists, but it's specifically for pdoc. Is there a better one?
:boost_love:
-
Y'all remember #PolyfillIO?
I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do
But is there still a need there? Are there #webPlatform features you'd like to use but you don't want to introduce a build process just to bundle the #polyfill from #NPM?
Or is there no point in #polyfills since #browsers don't share caches between origins these days so there's no precaching benefit anymore?
-
Y'all remember #PolyfillIO?
I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do
But is there still a need there? Are there #webPlatform features you'd like to use but you don't want to introduce a build process just to bundle the #polyfill from #NPM?
Or is there no point in #polyfills since #browsers don't share caches between origins these days so there's no precaching benefit anymore?
-
Y'all remember #PolyfillIO?
I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do
But is there still a need there? Are there #webPlatform features you'd like to use but you don't want to introduce a build process just to bundle the #polyfill from #NPM?
Or is there no point in #polyfills since #browsers don't share caches between origins these days so there's no precaching benefit anymore?
-
Y'all remember #PolyfillIO?
I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do
But is there still a need there? Are there #webPlatform features you'd like to use but you don't want to introduce a build process just to bundle the #polyfill from #NPM?
Or is there no point in #polyfills since #browsers don't share caches between origins these days so there's no precaching benefit anymore?
-
Y'all remember #PolyfillIO?
I realize the lesson there is; don't depend on code from domains you don't control, and in an ideal world that's what you should do
But is there still a need there? Are there #webPlatform features you'd like to use but you don't want to introduce a build process just to bundle the #polyfill from #NPM?
Or is there no point in #polyfills since #browsers don't share caches between origins these days so there's no precaching benefit anymore?
-
ๅ ณไบ polyfill.io ใ bootcdn.net ๅ staticfile.org ็ญ็ๅ็ปญๆถๆฏ๏ผ
- ๅๅฝฑๅ็ CDN ๅ ๆฌ bootcdn.net ใ bootcss.com ใ staticfile.net ใ staticfile.org ็ญ [1]ใ
- uBlock ็ "Badware risks" ่ฟๆปคๅจๅทฒ็ป้ปๆญไบๅฐ่ฟไบ็ซ็น็่ฎฟ้ฎ๏ผNamecheap ๅ ณๅไบ polyfill.io ๅ polyfill.com ๅๅ [2]๏ผGoogle ไบฆๅผๅงๅๆญขๆๆพไฝฟ็จ polyfill.io ็ฝ็ซ็ๅนฟๅ [1]ใ
- Cloudflare ๆไพไบ่ชๅจๆฟๆข่ณ่ชๆ Polyfill ็ๆๅก๏ผ้ป่ฎคๅฏนๅ ่ดน่ฎกๅ็็ซ็นๅฏ็จ๏ผไป่ดน่ฎกๅ็็ซ็นๅฏไปฅๆๅทฅๅฏ็จ [3]ใ
- ไธไฝๅฎๅ จ็ ็ฉถ่ ๅ็ฐ๏ผGitHub ไธ็ data.polyfill.com ๅบๅญๅจไบ Cloudflare API ๅฏ้ฅ๏ผๅนถ็จๅฏ้ฅ่ฎฟ้ฎ Cloudflare API ๅ็ฐๅไธไธช่ดฆๆทๆงๅถ็ไปฅไธ็่ฟไบๅๅ [2]ใ
1. sansec.io/~
2. bleepingcomputer.com/~
3. blog.cloudflare.com/~
thread: /4551
[ๆ่ฐข ๅคๅ้ ๆไพๆญคๆถๆฏใ]
#PolyfillIO #Security -
So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..
Hear me out; #fleekfunctions are immutable, and transparent. So long as the #fleeknetwork nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.
#webDev #polyfillio #polyfill #supplyChain #hacking #web3 #blockchain #fleek #javaScript
-
So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..
Hear me out; #fleekfunctions are immutable, and transparent. So long as the #fleeknetwork nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.
#webDev #polyfillio #polyfill #supplyChain #hacking #web3 #blockchain #fleek #javaScript
-
So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..
Hear me out; #fleekfunctions are immutable, and transparent. So long as the #fleeknetwork nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.
#webDev #polyfillio #polyfill #supplyChain #hacking #web3 #blockchain #fleek #javaScript
-
So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..
Hear me out; #fleekfunctions are immutable, and transparent. So long as the #fleeknetwork nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.
#webDev #polyfillio #polyfill #supplyChain #hacking #web3 #blockchain #fleek #javaScript
-
So, I'm thinking; what if I build polyfill.io, but on the Blockchain! Hey come back..
Hear me out; #fleekfunctions are immutable, and transparent. So long as the #fleeknetwork nodes can be trusted to execute the code properly (I presume there are cryptographic guarantees of output validity) then it could be safer from supply chain attacks.
#webDev #polyfillio #polyfill #supplyChain #hacking #web3 #blockchain #fleek #javaScript
-
On July 5th, PolyfillIO switched to polyfill[.]top
This domain is currently unblocked by uBlock Origin and all major blocklists.
Tweet: https://x[.]com/Polyfill_Global/status/1809122842145141114
Thread with more information and also making fun of Windows users. -
On July 5th, PolyfillIO switched to polyfill[.]top
This domain is currently unblocked by uBlock Origin and all major blocklists.
Tweet: https://x[.]com/Polyfill_Global/status/1809122842145141114
Thread with more information and also making fun of Windows users. -
On July 5th, PolyfillIO switched to polyfill[.]top
This domain is currently unblocked by uBlock Origin and all major blocklists.
Tweet: https://x[.]com/Polyfill_Global/status/1809122842145141114
Thread with more information and also making fun of Windows users. -
On July 5th, PolyfillIO switched to polyfill[.]top
This domain is currently unblocked by uBlock Origin and all major blocklists.
Tweet: https://x[.]com/Polyfill_Global/status/1809122842145141114
Thread with more information and also making fun of Windows users. -
384,000 sites pull code from sketchy code library recently bought by Chinese firm | @dangoodin
A supply-chain attack on Polyfill.io, a #JavaScript library, redirected users to malicious sites. So far, bootcss.com is the only domain showing any signs of potential malice. The nature of the other associated endpoints remains unknown
#CyberSecurity #SupplyChainAttack #WebDevelopment #WebProgramming #WebSecurity #Polyfill #PolyfillIO
-
384,000 sites pull code from sketchy code library recently bought by Chinese firm | @dangoodin
A supply-chain attack on Polyfill.io, a #JavaScript library, redirected users to malicious sites. So far, bootcss.com is the only domain showing any signs of potential malice. The nature of the other associated endpoints remains unknown
#CyberSecurity #SupplyChainAttack #WebDevelopment #WebProgramming #WebSecurity #Polyfill #PolyfillIO
-
384,000 sites pull code from sketchy code library recently bought by Chinese firm | @dangoodin
A supply-chain attack on Polyfill.io, a #JavaScript library, redirected users to malicious sites. So far, bootcss.com is the only domain showing any signs of potential malice. The nature of the other associated endpoints remains unknown
#CyberSecurity #SupplyChainAttack #WebDevelopment #WebProgramming #WebSecurity #Polyfill #PolyfillIO
-
384,000 sites pull code from sketchy code library recently bought by Chinese firm | @dangoodin
A supply-chain attack on Polyfill.io, a #JavaScript library, redirected users to malicious sites. So far, bootcss.com is the only domain showing any signs of potential malice. The nature of the other associated endpoints remains unknown
#CyberSecurity #SupplyChainAttack #WebDevelopment #WebProgramming #WebSecurity #Polyfill #PolyfillIO
-
384,000 sites pull code from sketchy code library recently bought by Chinese firm | @dangoodin
A supply-chain attack on Polyfill.io, a #JavaScript library, redirected users to malicious sites. So far, bootcss.com is the only domain showing any signs of potential malice. The nature of the other associated endpoints remains unknown
#CyberSecurity #SupplyChainAttack #WebDevelopment #WebProgramming #WebSecurity #Polyfill #PolyfillIO
-
> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.
-
> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.
-
> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.
-
> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.
-
> #China-based company #Funnull acquired the domain and the GitHub account that hosted the #JavaScript code. On June 25, researchers from #security firm Sansec reported that code hosted on the polyfill domain had been changed to redirect users to adult- and gambling-themed websites. The code was deliberately designed to mask the redirections by performing them only at certain times of the day and only against visitors who met specific criteria.
-
If you're using #polyfillio code on your site โ like 100,000+ are โ remove it immediately
https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
-
If you're using #polyfillio code on your site โ like 100,000+ are โ remove it immediately
https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
-
If you're using #polyfillio code on your site โ like 100,000+ are โ remove it immediately
https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
-
If you're using #polyfillio code on your site โ like 100,000+ are โ remove it immediately
https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
-
If you're using #polyfillio code on your site โ like 100,000+ are โ remove it immediately
https://www.theregister.com/2024/06/25/polyfillio_china_crisis/
-
#JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode รผber CDN ein | Developer https://www.heise.de/news/Jetzt-handeln-Schadcode-ueber-CDN-des-JavaScript-Service-Polyfill-io-verteilt-9778256.html #polyfillio
-
#JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode รผber CDN ein | Developer https://www.heise.de/news/Jetzt-handeln-Schadcode-ueber-CDN-des-JavaScript-Service-Polyfill-io-verteilt-9778256.html #polyfillio
-
#JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode รผber CDN ein | Developer https://www.heise.de/news/Jetzt-handeln-Schadcode-ueber-CDN-des-JavaScript-Service-Polyfill-io-verteilt-9778256.html #polyfillio
-
#JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode รผber CDN ein | Developer https://www.heise.de/news/Jetzt-handeln-Schadcode-ueber-CDN-des-JavaScript-Service-Polyfill-io-verteilt-9778256.html #polyfillio
-
#JavaScript-Service Polyfill.io: 100.000 Sites binden Schadcode รผber CDN ein | Developer https://www.heise.de/news/Jetzt-handeln-Schadcode-ueber-CDN-des-JavaScript-Service-Polyfill-io-verteilt-9778256.html #polyfillio
-
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
#CDN #CLOUDFLARE #POLYFILLIO #SUPPLYCHAINATTACK https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ -
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
#CDN #CLOUDFLARE #POLYFILLIO #SUPPLYCHAINATTACK https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ -
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
#CDN #CLOUDFLARE #POLYFILLIO #SUPPLYCHAINATTACK https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ -
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
#CDN #CLOUDFLARE #POLYFILLIO #SUPPLYCHAINATTACK https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ -
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator
#CDN #CLOUDFLARE #POLYFILLIO #SUPPLYCHAINATTACK https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ -
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator
> Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.
LOL, FAIL!
#polyfill #polyfillio #cloudflare #bootcdn #bootcss #staticFile #security
-
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator
> Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.
LOL, FAIL!
#polyfill #polyfillio #cloudflare #bootcdn #bootcss #staticFile #security
-
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator
> Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.
LOL, FAIL!
#polyfill #polyfillio #cloudflare #bootcdn #bootcss #staticFile #security
-
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator
> Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.
LOL, FAIL!
#polyfill #polyfillio #cloudflare #bootcdn #bootcss #staticFile #security
-
> The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator
> Researchers discovered a public GitHub repository where the purported operators of Polyfill.io had accidentally exposed their Cloudflare secret keys.
LOL, FAIL!
#polyfill #polyfillio #cloudflare #bootcdn #bootcss #staticFile #security