Warning: lemmy.world just got hacked - eviltoast

I would be cautious about viewing any Lemmy.world communities right now, and the Beehaw admins should make sure their credentials are locked down in case they get targeted next.

  • chinpokomon@beehaw.org
    link
    fedilink
    arrow-up
    11
    ·
    1 year ago

    Arguably it is a strength. Unless a user has used the same username and password for different instances, their credentials on one instance are shielded from exploit over the whole network. The potential risk can only really be determined by how security was breeched. If it was social engineering, then there isn’t any other direct concern. If it was a vulnerability in software, then the same attack could be played out on other instances, but that’s not any different than other systems like a Linux kennel exploit.