Tech giant Toshiba and Japanese retail chain Muji have both issued warnings to website visitors after suspicious sign-in prompts began appearing on their domains. Security researchers and the companies themselves have linked the fake login screens to the Polyfill.io supply chain compromise — a recurring threat that has continued to evolve and resurface since its initial disclosure in 2024.
What Is Polyfill.io and Why Is It Dangerous?
Polyfill.io was originally a widely trusted JavaScript library service that automatically delivered browser polyfills, code that implements modern web features in older browsers. The service tailored each response to the requesting browser's User-Agent, so a visitor received only the polyfills their browser lacked. At its peak it was embedded in over a hundred thousand websites, making it an attractive target for threat actors.
In 2024, the Polyfill.io domain was acquired by a Chinese company that began injecting malicious JavaScript into the polyfill distribution. The injected code was designed to redirect visitors to scam sites, inject cryptocurrency mining scripts, and — in later campaigns — serve fake login prompts designed to harvest credentials from unsuspecting users.
Despite widespread advisories and the recommendation to remove Polyfill.io entirely, many websites never updated their Content Security Policies or removed the compromised script reference. This has allowed the threat to persist and resurface in new campaigns.
The Toshiba and Muji Incidents
Both Toshiba and Muji have confirmed that their websites were displaying unexpected sign-in dialog boxes that did not originate from their own authentication systems. The suspicious prompts appeared to mimic legitimate login flows and were designed to capture usernames and passwords.
Key characteristics of the fake prompts reported by visitors and researchers include:
- Unsolicited appearance — login dialogs appearing without the user navigating to an authenticated section of the site
- Visual similarity — prompts styled to match the site's authentic login interface
- No HTTPS warning — the pages and dialogs remained on the legitimate HTTPS domain, avoiding typical browser security alerts
- JavaScript injection — the malicious code was delivered via the still-embedded Polyfill.io script reference
Both companies have notified visitors and are working to remove the compromised scripts from their sites.
How the Attack Works
The Polyfill.io attack chain follows a well-established pattern:
1. Website includes a <script> tag referencing polyfill.io CDN
2. Attacker-controlled CDN serves modified JavaScript alongside legitimate polyfills
3. Injected script detects the visitor's browser, location, and session state
4. On target profiles (specific geographies, device types, first-time visitors), the script injects a fake login modal into the live page DOM
5. User enters credentials into the convincing-looking prompt
6. Credentials are exfiltrated to attacker-controlled infrastructure
7. User is shown a generic error or silently passed through to the real site
The attack is particularly insidious because it operates entirely within the legitimate site's domain and HTTPS certificate, giving no visible indication to the browser that anything is wrong.
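A client-side check for the injection in step 4, written here as an added example (it is not code from the original article, from Toshiba, or from Muji): it classifies every form containing a password field that appears in the DOM and flags the ones the site's own templates did not render. Two assumptions are site-specific and hypothetical: legitimate login forms live inside an element with id="site-login", and they post to the page's own origin.

```javascript
// Added example, not code from the original article, Toshiba, or Muji.
// Flags credential prompts injected into the page by a third-party script.
// Assumptions (hypothetical, adjust per site): the real login UI lives under
// #site-login and posts to the page origin.

const LEGIT_LOGIN_CONTAINER = '#site-login';   // assumption: where the genuine login form renders

function resolveActionOrigin(action, pageOrigin) {
  // An empty action posts back to the current document; a relative one resolves against it.
  try {
    return new URL(action || '', pageOrigin).origin;
  } catch (e) {
    return null;   // unparsable action: treated as foreign below
  }
}

// `form` only needs getAttribute, querySelector and closest, so it can be an
// HTMLFormElement in the browser or a minimal stand-in object in a unit test.
function classifyForm(form, pageOrigin) {
  const reasons = [];
  if (form.querySelector('input[type="password"]') === null) {
    return { suspicious: false, reasons };          // not a credential prompt
  }
  if (form.closest(LEGIT_LOGIN_CONTAINER) === null) {
    reasons.push('password field outside the site login container');
  }
  const target = resolveActionOrigin(form.getAttribute('action'), pageOrigin);
  if (target !== pageOrigin) {
    reasons.push('form posts to foreign origin ' + target);
  }
  return { suspicious: reasons.length > 0, reasons };
}

// Browser-only: classify forms inside any node added after load. Returns null
// outside a browser so the classifier above can still be exercised in Node.
function watchForInjectedLogins(doc, report) {
  if (typeof MutationObserver === 'undefined') return null;
  const observer = new MutationObserver(records => {
    for (const record of records) {
      for (const node of record.addedNodes) {
        if (node.nodeType !== 1) continue;         // elements only
        const forms = node.matches('form') ? [node] : Array.from(node.querySelectorAll('form'));
        for (const form of forms) {
          const verdict = classifyForm(form, doc.location.origin);
          if (verdict.suspicious) report(form, verdict.reasons);
        }
      }
    }
  });
  observer.observe(doc.documentElement, { childList: true, subtree: true });
  return observer;
}
```

Load this from a first-party script that runs before any third-party tag and send hits to your own reporting endpoint. It is detection, not prevention: a script with full DOM access can disconnect the observer or exfiltrate what the user types via fetch without ever submitting the form, so pair it with CSP connect-src and form-action restrictions and, above all, with removing the script.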
Scale of the Problem
The Polyfill.io compromise is not new, but its persistence reflects a systemic problem in web security:
- At the time of initial disclosure in 2024, an estimated 100,000+ websites were loading the compromised script
- Despite years of advisories, a significant proportion of those sites have never removed the dependency
- Security scans consistently find Polyfill.io still referenced in major enterprise and retail websites globally
- The threat actors have continued to evolve their injection payloads, alternating between cryptocurrency miners, redirect campaigns, and now credential-harvesting overlays
Recommended Actions for Website Operators
Any website still loading scripts from polyfill.io or related domains should take immediate action:
Remove the Polyfill.io Reference
<!-- Remove this type of reference entirely -->
<script src="https://polyfill.io/v3/polyfill.min.js"></script>
<!-- If polyfills are still needed, prefer self-hosting a build from the open-source polyfill-library npm package -->
<!-- npm install polyfill-library -->
<!-- Cloudflare's mirror at https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js is a drop-in replacement, -->
<!-- but, like the original service, it tailors the bundle to the requesting User-Agent, so no single SRI hash -->
<!-- will validate across browsers; an integrity attribute there would block the script rather than protect it. -->
<!-- Add Subresource Integrity (SRI) only to a static bundle that serves identical bytes to every client, -->
<!-- for example one you host yourself. Generate the hash at: https://www.srihash.org/ -->
<!-- (static.example.com is a placeholder for your own host) -->
<script
src="https://static.example.com/polyfill-bundle.min.js"
integrity="sha384-<generate-hash-from-srihash.org>"
crossorigin="anonymous">
</script>
Audit Your Content Security Policy
Ensure your CSP only permits scripts from origins you have deliberately vetted. A policy helps only if polyfill.io is absent from the allow list: a site that once added it to script-src is not protected. Roll the policy out as Content-Security-Policy-Report-Only first to find legitimate scripts it would break, then enforce it:
Content-Security-Policy: script-src 'self' https://trusted-cdn.example.com;
Conduct a Script Inventory
Use browser developer tools, Lighthouse audits, or dedicated tools to enumerate all third-party scripts loaded by your site:
# httpx confirms which URLs are live and what content type and title they return; it does not parse pages for <script> tags
cat urls.txt | httpx -silent -title -content-type
# Or use a crawler to detect external script sources
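An offline inventory pass that does what the tooling above leaves to a crawler, added here as an example (not code from the original article, Toshiba, or Muji): it lists every external <script src> in a page, flags anything still loading from polyfill.io or a subdomain of it, flags cross-origin scripts without SRI, and evaluates each against the script-src directive recommended in the CSP section above. The page origin, the HTML and the policy it runs over are constructed samples.

```javascript
// Added example, not code from the original article, Toshiba, or Muji.
// Inventories external scripts in server-rendered HTML and checks them against
// a compromised-host list and a CSP script-src directive. Sample inputs are constructed.

const PAGE_ORIGIN = 'https://www.example.com';   // assumption: the site being audited
const COMPROMISED_HOSTS = ['polyfill.io'];        // matches polyfill.io and subdomains such as cdn.polyfill.io

// Returns the source list that governs scripts: script-src, else default-src.
function parseScriptSources(csp) {
  const directives = {};
  for (const raw of csp.split(';')) {
    const parts = raw.trim().split(/\s+/).filter(Boolean);
    if (parts.length === 0) continue;
    directives[parts[0].toLowerCase()] = parts.slice(1);
  }
  return directives['script-src'] || directives['default-src'] || [];
}

// Simplified CSP host matching: scheme and host (with a leading *. wildcard)
// are checked; ports and paths are ignored. Nonce and hash sources never match a URL.
function cspAllows(sources, scriptUrl, pageOrigin) {
  const url = new URL(scriptUrl, pageOrigin);
  const host = url.hostname.toLowerCase();
  for (const source of sources) {
    if (source === "'self'") {
      if (url.origin === pageOrigin) return true;
      continue;
    }
    if (source === '*') return true;
    if (source.startsWith("'")) continue;                       // 'nonce-…', 'sha256-…', 'unsafe-inline', 'none'
    if (/^[a-z][a-z0-9+.-]*:$/i.test(source)) {                  // scheme-only source such as https:
      if (url.protocol === source.toLowerCase()) return true;
      continue;
    }
    const schemeMatch = source.match(/^([a-z][a-z0-9+.-]*):\/\//i);
    if (schemeMatch && url.protocol !== schemeMatch[1].toLowerCase() + ':') continue;
    const hostExpr = source.replace(/^[a-z][a-z0-9+.-]*:\/\//i, '').split('/')[0].split(':')[0].toLowerCase();
    if (hostExpr.startsWith('*.') ? host.endsWith(hostExpr.slice(1)) : host === hostExpr) return true;
  }
  return false;
}

function isCompromisedHost(hostname) {
  const h = hostname.toLowerCase();
  return COMPROMISED_HOSTS.some(c => h === c || h.endsWith('.' + c));
}

// Regex tag scan: adequate for an inventory of server-rendered HTML, but it
// cannot see scripts that other scripts inject at runtime.
function inventoryScripts(html, pageOrigin, csp) {
  const sources = csp ? parseScriptSources(csp) : null;
  const findings = [];
  const tagRe = /<script\b([^>]*)>/gi;
  let match;
  while ((match = tagRe.exec(html)) !== null) {
    const attrs = match[1];
    const srcMatch = attrs.match(/\bsrc\s*=\s*["']([^"']+)["']/i);
    if (!srcMatch) continue;                                    // inline script, not an external load
    const url = new URL(srcMatch[1], pageOrigin);
    const crossOrigin = url.origin !== pageOrigin;
    const issues = [];
    if (isCompromisedHost(url.hostname)) issues.push('loads from the compromised polyfill.io service');
    if (crossOrigin && !/\bintegrity\s*=/i.test(attrs)) issues.push('cross-origin script without SRI');
    if (sources && !cspAllows(sources, url.href, pageOrigin)) issues.push('would be blocked by CSP script-src');
    findings.push({ url: url.href, crossOrigin, issues });
  }
  return findings;
}

// Constructed sample page and policy.
const SAMPLE_HTML = `
<script src="/static/main.js"></script>
<script src="https://polyfill.io/v3/polyfill.min.js?features=default"></script>
<script src="https://cdn.polyfill.io/v2/polyfill.min.js"></script>
<script src="https://trusted-cdn.example.com/lib.js"
        integrity="sha384-EXAMPLEHASH" crossorigin="anonymous"></script>
<script>console.log('inline, not inventoried');</script>`;
const SAMPLE_CSP = "default-src 'self'; script-src 'self' https://trusted-cdn.example.com";

function auditSample() {
  return inventoryScripts(SAMPLE_HTML, PAGE_ORIGIN, SAMPLE_CSP);
}
```

Feed it the HTML you fetch from each URL in the inventory list; on the sample, the two polyfill.io references come back with three issues each while the same-origin and SRI-pinned scripts are clean, which is exactly the split a CSP that omits polyfill.io would enforce in the browser.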
Pin Remaining Third-Party Scripts with SRI
Implement Subresource Integrity (SRI) hashing for any third-party script you continue to use, provided it is a fixed file that serves the same bytes to every client:
<script
src="https://cdn.example.com/script.js"
integrity="sha384-<hash>"
crossorigin="anonymous">
</script>
SRI causes the browser to reject any script whose content does not match the expected hash, so a tampered copy fails to load instead of executing. It cannot protect a script whose content legitimately varies per request, such as a User-Agent-tailored polyfill bundle, and it does nothing for scripts loaded without the attribute.
Broader Context: Supply Chain Attacks on Web Infrastructure
The Polyfill.io saga is a textbook example of a software supply chain attack targeting the web layer. Unlike traditional supply chain attacks that target build pipelines or package repositories, this attack vector exploits the common practice of linking to third-party CDN-hosted scripts directly from production HTML.
The threat model mirrors that of other high-profile software supply chain attacks:
| Attack | Method | Impact |
|---|---|---|
| Polyfill.io | CDN domain acquisition + payload injection | 100k+ sites, credential theft |
| Magecart | Payment page script injection | Millions of card numbers stolen |
| SolarWinds | Build pipeline poisoning | Government & enterprise espionage |
| Event-Stream (npm) | Malicious maintainer handoff | Bitcoin wallet targeting |
The lesson is consistent: any third-party script running on your site has full DOM access and operates with your site's trust and credentials.
Key Takeaways
- Polyfill.io remains active: the compromised CDN is still delivering malicious payloads to sites that have not removed it
- Toshiba and Muji are the latest major brands caught serving fake login prompts via the Polyfill.io injection
- Any website still including polyfill.io in its <script> tags should remove it immediately
- Replace it with a self-hosted polyfill bundle, or use the Cloudflare CDN alternative as a drop-in replacement
- Add SRI to static third-party scripts and enforce a strict Content Security Policy to prevent future CDN-based injection attacks