Admin alt of one of the mods of Mildly Infuriating.
It may have something to do with this message I got:
If I could hazard a guess. Maybe a login token theft, so the hacker has access to an admins account or multiple.
Updates about lemmynsfw.com
Admin alt of one of the mods of Mildly Infuriating.
It may have something to do with this message I got:
If I could hazard a guess. Maybe a login token theft, so the hacker has access to an admins account or multiple.
It seems to have spread to lemmy.blahaj.zone. Will add them if more come :( This sucks man.
I was on blahaj and didn't notice the redirects? What are you seeing or hearing?
Lemmy.world has been timeouting like crazy for me as well. Sigh.
I am hopeful their site admins will get it under control and be transparent about what happened when they are able to. It's unfortunate though that it's happening in the first place.
Thanks for the info!
Wait really? Aren’t they one of the biggest instances?! Shocking and very concerning
I have an account signed up there. Should I be worried? How does it affect the user?
The attackers would've been able to get the token used to login but not your password from a vulnerability with custom emoji. Lemmy.world rotated their JWT secret so all logins are invalidated and the vulnerability has been patched. Should be just fine.