arstechnica , 2 days ago 384,000 sites link to code library caught performing supply-chain attack Many website admins, it seems, have yet to get memo to remove Polyfill[.]io links. https://arstechnica.com/security/2024/07/384000-sites-link-to-code-library-caught-performing-supply-chain-attack/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
384,000 sites link to code library caught performing supply-chain attack
Many website admins, it seems, have yet to get memo to remove Polyfill[.]io links.
https://arstechnica.com/security/2024/07/384000-sites-link-to-code-library-caught-performing-supply-chain-attack/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social
asmaloney , 2 days ago @arstechnica It's not really a "supply chain" - it's a dependency. "supply chain" implies some kind of financial arrangement that simply doesn't exist when using a random person's git repo.
@arstechnica It's not really a "supply chain" - it's a dependency. "supply chain" implies some kind of financial arrangement that simply doesn't exist when using a random person's git repo.
nicolaottomano , 2 days ago @arstechnica Wait once it happens to jQuery or FontAwesome...
@arstechnica Wait once it happens to jQuery or FontAwesome...