DeepNewz Markets

Market

What will be identified as the primary source of malicious code injection by September 30, 2024?

Chinese•Funnull•WordPress•Namecheap

Resolution / Starting Odds

Polyfill.io service • 33%

Compromised WordPress plugins • 33%

Both equally • 33%

Security firm reports or official investigations

Story

Supply Chain Attack on Polyfill.io and WordPress Plugins Impacts Over 100,000 Websites

Jun 26, 2024, 05:06 AM

A significant supply chain attack has impacted over 100,000 websites using the Polyfill.io service. The attack began after the domain was acquired by the Chinese company 'Funnull,' which injected malicious code into the service. This code redirected visitors to unwanted sites without the website owners' knowledge. The attack has also affected WordPress plugins, with as many as 36,000 sites compromised. Security experts are advising immediate removal of the Polyfill.io code from affected websites to mitigate the risk. The cdn.polyfill.io domain is currently being used in the attack, and experts have called on Namecheap to take action. The attack was reported by darkreading.

View original story

Similar markets

What will be the primary method of exploitation for CVE-2024-28986 in reported attacks by end of 2024?

Phishing • 25%

Direct network attack • 25%

Malware installation • 25%

Other • 25%

What will be identified as the primary method of delivering Voldemort and Latrodectus malware by end of 2024?

Phishing emails • 25%

Malicious websites • 25%

Compromised software updates • 25%

Other • 25%

What will be the primary method used by hackers to exploit CVE-2024-44133 in 2024?

Bypassing user consent • 25%

Terminal redirection • 25%

Gatekeeper bypass • 25%

Other method • 25%

What will be the primary method of exploitation for CVE-2024-6409 in the wild by the end of 2024?

Phishing attacks • 25%

Direct server exploitation • 25%

Malware distribution • 25%

Other • 25%

What will be the primary source of the next major DDoS attack on Cloudflare by the end of 2024?

Botnet of hijacked routers • 25%

Compromised DVRs • 25%

Compromised web servers • 25%

Other • 25%

What will be identified as the primary method used by the malware to spread by the end of 2024?

Cloud services • 25%

Email phishing • 25%

Social engineering • 25%

Other • 25%

What will be the primary method of BlueNoroff malware distribution by June 30, 2025?

Phishing emails • 25%

Compromised software downloads • 25%

Malicious websites • 25%

Other • 25%

What will be identified as the primary method used by Flax Typhoon to infiltrate systems by end of 2024?

Phishing • 25%

Zero-day exploits • 25%

Malware • 25%

Other • 25%

What will be the primary exploit method in Windows 11 vulnerability attacks by April 30, 2025?

Kernel Rootkit • 25%

SSDT Hook • 25%

Infinityhook • 25%

Other • 25%

What will be the primary method of attack following the Twilio data breach by December 31, 2024?

Smishing • 25%

SIM swapping • 25%

Phishing • 25%

Other • 25%

Primary entity blamed for phishing attack by end of 2024?

DuoExchange • 25%

The victim • 25%

Unknown third party • 25%

No clear blame • 25%

What will be identified as the primary method of infiltration in the 'Salt Typhoon' cyberattack by the end of 2024?

Router vulnerabilities • 25%

Camera vulnerabilities • 25%

Other internet-connected devices • 25%

Unknown/Multiple methods • 25%

Market

Story

Similar markets

What will be the primary method of exploitation for CVE-2024-28986 in reported attacks by end of 2024?

What will be identified as the primary method of delivering Voldemort and Latrodectus malware by end of 2024?

What will be the primary method used by hackers to exploit CVE-2024-44133 in 2024?

What will be the primary method of exploitation for CVE-2024-6409 in the wild by the end of 2024?

What will be the primary source of the next major DDoS attack on Cloudflare by the end of 2024?

What will be identified as the primary method used by the malware to spread by the end of 2024?

What will be the primary method of BlueNoroff malware distribution by June 30, 2025?

What will be identified as the primary method used by Flax Typhoon to infiltrate systems by end of 2024?

What will be the primary exploit method in Windows 11 vulnerability attacks by April 30, 2025?

What will be the primary method of attack following the Twilio data breach by December 31, 2024?

Primary entity blamed for phishing attack by end of 2024?

What will be identified as the primary method of infiltration in the 'Salt Typhoon' cyberattack by the end of 2024?

Will Funnull face legal action over the Polyfill.io attack by December 31, 2024?

Will Namecheap take down cdn.polyfill.io by July 31, 2024?

Will the number of websites affected by the Polyfill.io attack be reduced by at least 50% by September 30, 2024?

What action will major cybersecurity firms take in response to the Polyfill.io attack by October 31, 2024?

Will Funnull face legal action over the Polyfill.io attack by December 31, 2024?

Will Namecheap take down cdn.polyfill.io by July 31, 2024?

Will the number of websites affected by the Polyfill.io attack be reduced by at least 50% by September 30, 2024?

What action will major cybersecurity firms take in response to the Polyfill.io attack by October 31, 2024?