Security - Remove reference to compromised polyfill.io service

[sfinevelir]

Hello! In light of the recent discovery that polyfill dot io has been purchased and is now serving malicious code (https://www.theregister.com/2024/06/25/polyfillio_china_crisis/) I think it might be a good idea to remove the reference in the "So, what's next?" article.

The availability of a such service is the only aspect in which core-js have lagged behind another project. [polyfill-service](https://polyfill.io/) from Financial Times is based on this conception and it's a great service.

At this point, I think it's fair to say polyfill dot io is no longer a "great service". 😅 If needed, Cloudflare (https://cdnjs.cloudflare.com/polyfill/) and Fastly (https://polyfill-fastly.io) both offer their own replacements.

[zloirock]

I'm not sure that they really distributed malicious code, but this situation is really a significant supply chain risk. I'll change the link in this post.

[manchicken]

https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/