E-Commerce security firm Sansec unveiled a new supply chain attack affecting the Polyfill JS service when accessed through a number of CDNs hosting it. According to Sansec, over 100K sites were hit. The original author of the service, Andrew Betts, suggested removing Polyfill from any sites using it. According to Sansec, a malicious actor has taken control of a number of domains to spread malware since at least June 2023. In their first report, only the https://cdn.polyfill.io domain was flagged...