Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator
Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator
01 July 2024
Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.