I’ve gotten this as well and am unable to see it in the security advisory section of the project the email mentions. However, I was able to find this notice on the maps api documentation site. I assume this is what the advisory is for. (For reference: https://developers.google.com/maps/documentation/javascript/error-messages)
Security notice: We have become aware of a security issue that may be affecting websites using specific third-party libraries (including polyfill.io). This issue can sometimes redirect visitors away from the intended website without website owner knowledge or permission. Many of our JavaScript samples previously included a polyfill.io script declaration. We have removed this from our samples. If you have used our JavaScript samples that contain this declaration, we recommend removing the declaration.