GoKawiilTech giant Toshiba and mega-retailer Muji warned visitors that suspicious sign-in screens popping up on their websites could collect credentials.
Both Japanese companies advised users who entered their account login data in the authentication screens to change their passwords to access the service.
The login pop-ups were generated by the external service hosted at polyfill[.]io, which in 2024 introduced malicious code in scripts delivered by its CDN.
“We have confirmed that some parts of our website may display a sign-in screen like the one shown below. We are currently working to eliminate this screen, but if you do see it, please select "Cancel" without entering any information," Toshiba said in a short communication.
The suspicious login screen
Source: Toshiba
Japanese retail giant Muji published a similar announcement earlier this week, warning website visitors of suspicious authentication screens generated by the external service polyfill[.]io.
“At this time, we have not confirmed any unauthorized access or information leakage to this site, but in order to ensure the safety of our customers, we ask that you consider your response,” Muji states.
Both Toshiba and Muji have solved the issue and suspended the service.
Japanese media outlets reported that Zojirushi, FiNC Technologies, Ishiyaku Publishers, and online publishing brand Hobonichi were also impacted by the same issue.
... continue reading