Security researchers are warning of a web supply chain attack impacting over 100,000 websites that are using the ‘cdn.polyfill.io’ domain.