Toshiba and Muji warned visitors about suspicious sign-in screens on their websites that could capture credentials, with the prompts linked to the external service polyfill[.]io. The issue also affected other Japanese organizations and appears tied to remnants of the 2024 polyfill[.]io incident, which had previously delivered malicious scripts to many websites. #Toshiba #Muji #polyfillio
Keypoints
- Toshiba warned users to cancel a suspicious sign-in screen and enter no information.
- Muji issued a similar alert about authentication prompts on its website.
- The pop-ups were generated by the external service polyfill[.]io.
- Zojirushi, FiNC Technologies, Ishiyaku Publishers, and Hobonichi were also reported impacted.
- Users who entered credentials were told to change their passwords immediately.