Originally developed as an open-source project for offering JS polyfills to third-party developers, the polyfill.io domain is now a dangerous internet threat. Earlier this week, security analysts discovered that a mysterious Chinese entity named Funnull is abusing the domain to inject malicious code into websites.