384,000 sites still pulling code from sketchy polyfill.io code library recently bought by Chinese firm

More than 384,000 websites are linking to a site that was caught last week performing a supply-chain attack that redirected visitors to malicious sites, researchers said. For years, the JavaScript code, hosted at polyfill[.]com, was a legitimate open source project that allowed older browsers to handle advanced functions that weren’t natively supported. By linking to Read more about 384,000 sites still pulling code from sketchy polyfill.io code library recently bought by Chinese firm[…]