482

PSA: Lemmy.world has been compromised! (Edit: Multiple Instances are down)

posted
*
by
Avatar
G59@lemmy.ml
in
Avatar
fediverse@lemmy.ml
242 comments
hidereport

FYI!!! In case you start getting re-directed to porn sites.

Maybe the admin got hacked?

edit: lemmy.blahaj.zone has also been hacked. beehaw.org is also down, possibly intentionally by their admins until the issue is fixed.

Post discussing the point of vulnerability: https://lemmy.ml/post/1896249

Github Issue created here: https://github.com/LemmyNet/lemmy-ui/issues/1895

Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments View context
Avatar
RoundSparrow@lemmy.ml
8 points

JWT issue opened 4 days ago: https://github.com/LemmyNet/lemmy/issues/3499

permalink
report
parent
reply
Avatar
CMahaff@lemmy.ml
6 points

The issue does say changing the password should kick the user out, but yeah, still not good.

permalink
report
parent
reply
Avatar
RoundSparrow@lemmy.ml
7 points

This issue from 2 weeks ago was the one I was thinking of, it’s worse: https://github.com/LemmyNet/lemmy/issues/3364

permalink
report
parent
reply
Avatar
CMahaff@lemmy.ml
4 points
*

Oh man this one is SO much worse. If this is what is going on the only way to kick out the hacker will probably be to manually alter the DB. Yikes.

I hope the admin team is aware of this - not sure how one would even contact them.

permalink
report
parent
reply
Show more comments

Fediverse

!fediverse@lemmy.ml

Create post

A community dedicated to fediverse news and discussion.

Fediverse is a portmanteau of “federation” and “universe”.

Getting started on Fediverse;

Community stats

  • 1.1K

    Monthly active users

  • 939

    Posts

  • 14K

    Comments

Community moderators