-
![Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies](https://encircle-it.com/wp-content/uploads/2025/02/polyfill-io-attack-impacts-over-380000-hosts-including-major-companies.jpg)
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to “https://cdn.polyfill[.]io” or “https://cdn.polyfill[.]com” in their HTTP responses, the attack
-
Nonprofits Albertina Kerr, Exceed Enterprises merge
Albertina Kerr and Exceed Enterprises say the merger will expand their reach and help them become stronger advocates for clients.
-
Portland salsa maker lands new production space, plots to create co-packing plant
Hot Mama Salsa took over a portion of the old New Seasons Market central kitchen. It’s building its own capacity and planning to open the excess to others.
-
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. “The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device,”…
-
Brazil Halts Meta’s AI Data Processing Amid Privacy Concerns
Brazil’s data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users’ personal data to train the company’s artificial intelligence (AI) algorithms. The ANPD said it found “evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and…
-
Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike. The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690…
-
Twilio’s Authy App Breach Exposes Millions of Phone Numbers
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users’ cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests. The development comes days after an online persona named…
-
Travis Marston files for recount with Oregon Secretary of State
-
Alaska Airlines expands Mexico service
Flights from LAX to La Paz begin in November and LAX-Monterrey flights begin in February.
-
Opinion: As development costs skyrocket, a call to publicly finance Portland’s BDS
Writer Nathan Austin has crunched the numbers, and says he has a better way the city can serve builders.
