Around 100,000 sites have potentially been compromised in a supply chain attack following an alleged Chinese firm’s takeover of a popular open-source library. The compromise involved the acquisition of polyfill.io, a domain name linked to the open-source Polyfill project, in February.
Source: SiliconANGLE