Over 384,000 websites, including mainstream companies like Hulu and Mercedes-Benz, still link to a site that has been performing a supply-chain attack, say researchers. The site, cdn.polyfill[.]io, was a legitimate project that allowed old browsers to run advanced functions, but after being bought by China-based Funnull, it was seen redirecting visitors to malicious sites. Since domain registrar Namecheap suspended the site, the attacks have halted. However, Funnull continues to own over 1.6 million sites, each with the potential to resume these types of attacks.
Ubuntu Desktop Systems Vulnerability Enables Attackers to Gain Full Root Access
A Local Privilege Escalation (LPE) vulnerability in default installations of Ubuntu Desktop 24.04 and later allows an unprivileged local attacker to gain full root access.
