I just wanted to inform you all that some other instances got hacked during the night.

It appears to have something to do with a vulnerability regarding costume emojis, but I am not sure about the exact details as I am not that knowledge about coding.

I don’t know if this instances is affected by this, but even some that are not have taken preventive measurements and loged every one out to renew the login token. As the hack stole it, and used it to spread harmful and disturbing posts.

https://lemmy.world/post/1290412

  • Wintermute@lemmy.villa-straylight.social
    shield
    M
    link
    fedilink
    arrow-up
    4
    ·
    edit-2
    1 year ago

    As usual I spend too much time looking at Subscribed and not enough time looking at local. Sorry about that. Just wanted to confirm that we never had custom emojis (and likely never will) so we were not affected. As far as I can ascertain from the information available, since we weren’t vulnerable in the first place, there is no action needed at this time, which is also why I chose not to make a post about it myself.