Some are government sites.
A relatively unheard of company called Funnull buys a commonly used javascript development company that provides web site services provided on Polyfill.io . These are helper scripts for older browsers. A hundred thousand sites rely upon this javascript which is dynamically loaded when a browser is not up to date. (Perfect hacking targets.) Because of it these sites (some of them official government sites), redirect you to malware sites and crazy advert sites!
"More than 100,000 sites are already carrying the hostile scripts, according to the Sansec security forensics team, which on Tuesday claimed Funnull, a Chinese CDN operator that bought the polyfill.io domain and its associated GitHub account in February, has since been using the service in a supply chain attack."
www.theregister.com
"Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites."
thehackernews.com
A relatively unheard of company called Funnull buys a commonly used javascript development company that provides web site services provided on Polyfill.io . These are helper scripts for older browsers. A hundred thousand sites rely upon this javascript which is dynamically loaded when a browser is not up to date. (Perfect hacking targets.) Because of it these sites (some of them official government sites), redirect you to malware sites and crazy advert sites!
"More than 100,000 sites are already carrying the hostile scripts, according to the Sansec security forensics team, which on Tuesday claimed Funnull, a Chinese CDN operator that bought the polyfill.io domain and its associated GitHub account in February, has since been using the service in a supply chain attack."
Remove Polyfill.io code from your website immediately
Scripts turn sus after mysterious CDN swallows domain
"Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites."
Over 110,000 Websites Affected by Hijacked Polyfill Supply Chain Attack
Google blocks ads on sites using compromised Polyfill.io. Over 110,000 websites affected. Learn about the security risks and alternative solutions.
thehackernews.com