all AI news
Polyfill supply chain attack hits 100K+ sites
June 25, 2024, 10:17 p.m. |
Simon Willison's Weblog simonwillison.net
Polyfill supply chain attack hits 100K+ sites
Short version: if you are loading assets from the cdn.polyfill.io domain you need to remove that right now: the new owners of the domain (as of a few months ago) appear to be using it to serve malicious JavaScript.
polyfill.io was a fascinating service. It was originally developed and supported by the Financial Times, but span off as a separate project several years ago.
The key idea was to serve up a set …
cdn domain javascript loading security serve service supply chain supplychain you
More from simonwillison.net / Simon Willison's Weblog
Serving a billion web requests with boring code
1 day, 8 hours ago |
simonwillison.net
Django: Test for pending migrations
1 day, 9 hours ago |
simonwillison.net
Python 3.12 change results in Apple App Store rejection
2 days, 1 hour ago |
simonwillison.net
Open challenges for AI engineering
2 days, 7 hours ago |
simonwillison.net
Jobs in AI, ML, Big Data
Quantitative Researcher – Algorithmic Research
@ Man Group | GB London Riverbank House
Software Engineering Expert
@ Sanofi | Budapest
Senior Bioinformatics Scientist
@ Illumina | US - Bay Area - Foster City
Senior Engineer - Generative AI Product Engineering (Remote-Eligible)
@ Capital One | McLean, VA
Graduate Assistant - Bioinformatics
@ University of Arkansas System | University of Arkansas at Little Rock
Senior AI-HPC Cluster Engineer
@ NVIDIA | US, CA, Santa Clara