If there are any dependencies from polyfill.io, they could be compromised now and need replacing.
Some information about the change is at:
https://thehackernews.com/2024/06/over-110000-websites-affected-by.html
This could involve some compromised JavaScript third party libraries.
Google advised that compromised JavaScript may do malicious things like redirect traffic away from AccessLocator.
I searched 'polyfill.io' recursively in the whole code base and couldn't find a single occurrence. I also navigated a couple pages of https://app.accesslocator.com/ and https://demo.accesslocator.com/ and reviewed the network tab of developer tools. I couldn't find any requests from the browser to the polyfill.io domain.
If there are any dependencies from polyfill.io, they could be compromised now and need replacing.
Some information about the change is at:
https://thehackernews.com/2024/06/over-110000-websites-affected-by.html
This could involve some compromised JavaScript third party libraries.
Google advised that compromised JavaScript may do malicious things like redirect traffic away from AccessLocator.
I searched 'polyfill.io' recursively in the whole code base and couldn't find a single occurrence. I also navigated a couple pages of https://app.accesslocator.com/ and https://demo.accesslocator.com/ and reviewed the network tab of developer tools. I couldn't find any requests from the browser to the polyfill.io domain.