On Tuesday, July 9th, 2024, security researchers confirmed that the cdn.polyfill.io domain is injecting malicious code into more than 100,000 website that use it. This includes Intuit Merchant Services website. The polyfill.io website was used to host a service for adding JavaScript polyfills to sites, small bits of code that provide modern functionality in older browsers and ensure compatibility with a broader range of browsers. Our EPDR program which is installed on all our servers has deployed a blocking on any website using polyfills.io. So, on our servers if you have been getting site block alerts from Intuit Merchant services or any other site that uses polyfill.io. That is the reason why.
Protecting our users and servers is our top priority. We will not be able to whitelist these sites due to the attack affecting them. If you need to get to these sites, please use your local browser to access them. We apologize for any inconvenience at this time.