Defederating from Lemmy.world and lemmy.blahaj.zone until they have their shit back together as they seem to have been compromised (extent is not fully known at the moment). Beehaw took their servers down preemptively too.
Rogue admin accounts can do harm to other instances too this is a precautionary measure until we have a better idea of what we’re dealing with.
Reminder not to click on sketchy links!
Can anyone explain what the hell is happening? I just logged into lemmy when I woke up and I see all of this news of admins being compromised
Here are post about it with some discussion/analysis:
https://lemmy.zip/post/357196
https://lemmy.zip/post/357639
https://lemmy.zip/post/358397
https://lemmy.zip/post/357947
tldr: It seems like they used an exploit to obtain admin accounts’ cookies (the thing that keeps you logged into your account) to gain control of their accounts and potentially other exploits to deface the actual instances.
https://programming.dev/comment/800376