Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea
The 2024 incident was initially linked to China, but an infostealer infection has now revealed North Korean involvement. The post Polyfill Supply Chain Attack Impacting 100k Sites Linked to North Korea appeared first on SecurityWeek.
The Polyfill supply chain attack that hit more than 100,000 websites back in 2024 has now been linked to North Korean threat actors after it was initially tied only to China.
In February 2024, the popular Polyfill.io service, used by websites to deliver JavaScript code for browser compatibility, was acquired by Chinese CDN company Funnull, which then began injecting malicious JavaScript into scripts served from cdn.polyfill.io.
The malicious code, which targeted mobile users with evasion techniques and redirected them to betting or adult sites, was confirmed by security firms Sansec and C/side in June 2024.
Related breach coverage
- OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack2026-04-13
The AI giant is taking action after determining that a macOS code signing certificate may have been compromised. The post OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack appeared first on SecurityWeek.
- North Korean Hackers Target High-Profile Node.js Maintainers2026-04-06
The threat actor behind the Axios supply chain attack has been aiming at other maintainers in its social engineering campaign. The post North Korean Hackers Target High-Profile Node.js Maintainers appeared first on SecurityWeek.
- Axios NPM Package Breached in North Korean Supply Chain Attack2026-04-01
A long-lived NPM access token was used to bypass the GitHub Actions OIDC-based CI/CD publishing workflow and push backdoored package versions. The post Axios NPM Package Breached in North Korean Supply Chain Attack appeared first on SecurityWeek.
- Bitwarden NPM Package Hit in Supply Chain Attack2026-04-24
Tied to a fresh Checkmarx supply chain attack claimed by TeamPCP, the incident references the Shai-Hulud worm. The post Bitwarden NPM Package Hit in Supply Chain Attack appeared first on SecurityWeek.