this post was submitted on 10 Jul 2023
1 points (100.0% liked)

The Possum Patio Meta

128 readers
1 users here now

Announcements and meta-discussion about The Possum Patio instance.

founded 1 year ago
MODERATORS
 

As you may have seen, lemmy.world was recently compromised due to an attacker gaining access to an Administrator account.

This exploit is related to the custom emoji feature, so as a precaution the few custom emoji we had so far have been removed.

As the attack involves hijacking an already logged-in account session, all user sessions have been reset - just in case any possumpat.io account was compromised while we had custom emoji enabled. I apologize for the inconvenience.

I'll update this post once we know more, and as always if you have any questions let me know.

Edit: For those interested in the technical details, this github thread details the vulnerability and ongoing efforts to mitigate it.

Edit: lemmy.world's post on the hack.

Edit: Exploit has been patched, will re-enable custom emoji soon.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here