Now, a few months after that, this domain is serving actively malicious Javascript into the websites using it. They inject some malware into websites, redirecting users to sport betting websites. But they could easily also siphon everything your users enter on the website, change their content… 6/7
More details here: https://sansec.io/research/polyfill-supply-chain-attack
Renaud Chaput /
npub1qw…hwsmk
2024-06-25 20:07:25
in reply to nevent1q…mv4r
Author Public Key
npub1qwpfjy8caugpj782cv45tmx2gdjn47jky6m0mkpruy3zr4llu4jsahwsmkPublished at
2024-06-25 20:07:25Event JSON
{
"id": "7d3dcd3f57c3eff9b2eda8de760ea4fa26773f963f05d82be0ea544ca07e4301",
"pubkey": "03829910f8ef101978eac32b45ecca43653afa5626b6fdd823e12221d7ffe565",
"created_at": 1719346045,
"kind": 1,
"tags": [
[
"e",
"6d778b7a4173e34399cc745231798f770b2c9d26f93412f130ad94aeeb3300ba",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://oisaur.com/users/renchap/statuses/112679062452113433",
"activitypub"
]
],
"content": "Now, a few months after that, this domain is serving actively malicious Javascript into the websites using it. They inject some malware into websites, redirecting users to sport betting websites. But they could easily also siphon everything your users enter on the website, change their content… 6/7\n\nMore details here: https://sansec.io/research/polyfill-supply-chain-attack",
"sig": "2e64d7649a2f5661b08cf37794e1c05806e3955700d031f12f742420d51e2e7cc05d0d54c879f1fca4f26224a78b4f6ee899c9e200baa797308e059466ce2877"
}