Toshiba and Muji warn of fake login screens from polyfill.io

Tech giants Toshiba and Muji have alerted visitors to their websites about suspicious sign-in screens that could potentially harvest user credentials. Both companies advised users who may have entered their login information on these fraudulent screens to change their passwords immediately, as reported by Bleeping Computer.

The deceptive login prompts were generated by an external service hosted at polyfill[.]io. This service had previously introduced malicious code in 2024, impacting numerous websites that relied on its scripts. Toshiba and Muji, along with other Japanese companies like Zojirushi and FiNC Technologies, have since resolved the issue by suspending the use of the polyfill[.]io service.

While there is no current evidence of unauthorized access or data breaches, users are urged to remain vigilant and change passwords if they interacted with the fake login screens. The polyfill[.]io domain, which was not owned by the original project creator, became active again in late May 2026, leading to these authentication requests being misinterpreted by browsers as legitimate login prompts.

Source: Bleeping Computer