Over 384,000 websites, including mainstream companies like Hulu and Mercedes-Benz, still link to a site that has been performing a supply-chain attack, say researchers. The site, cdn.polyfill[.]io, was a legitimate project that allowed old browsers to run advanced functions, but after being bought by China-based Funnull, it was seen redirecting visitors to malicious sites. Since domain registrar Namecheap suspended the site, the attacks have halted. However, Funnull continues to own over 1.6 million sites, each with the potential to resume these types of attacks.
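For site owners checking whether their own pages are among those still linking to the domain, the following added example (not from the researchers or the original article) scans HTML for tags that load a resource from the flagged host. It assumes exact host matching on `script`, `link` and `iframe` tags; the sample markup and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Host named in the article, kept defanged in source and refanged at runtime.
FLAGGED_HOSTS = {"cdn.polyfill[.]io".replace("[.]", ".")}

# Attribute that makes the browser fetch a resource, per tag (assumed scope).
URL_ATTRS = {"script": "src", "link": "href", "iframe": "src"}


def normalize_host(url):
    """Return the lowercase host of an absolute or protocol-relative URL, else None."""
    url = url.strip()
    if url.startswith("//"):            # protocol-relative form: //host/path
        url = "https:" + url
    host = urlsplit(url).hostname       # None for relative paths such as /js/app.js
    return host.rstrip(".").lower() if host else None


class ReferenceFinder(HTMLParser):
    """Collects (line, tag, url) for every tag that loads from a flagged host."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        attr = URL_ATTRS.get(tag)
        if attr is None:
            return
        value = dict(attrs).get(attr)
        if value and normalize_host(value) in FLAGGED_HOSTS:
            line, _ = self.getpos()
            self.findings.append((line, tag, value))


def find_flagged_references(html):
    finder = ReferenceFinder()
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample page: three references to the flagged host, two look-alikes.
SAMPLE_HTML = """<html><head>
<script src="https://CDN.Polyfill[.]io/v3/polyfill.min.js"></script>
<script src="//cdn.polyfill[.]io./v3/polyfill.js?features=fetch"></script>
<link rel="preload" href="https://cdn.polyfill[.]io/v3/polyfill.min.js" as="script">
<script src="/static/polyfill.io/local-copy.js"></script>
<script src="https://cdn.example.com/cdn.polyfill.io.js"></script>
</head></html>""".replace("[.]", ".")
```

Matching on the parsed host rather than on a substring is what keeps the self-hosted copy and the look-alike filename on another CDN out of the findings.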
