lemmy.world and lemmy.blahaj.zone got hacked, admins in sopuli.xyz should enforce 2fa for admins and possibly disable/ look into possible injections from the community sidebar

  • 018118055@sopuli.xyz
    link
    fedilink
    arrow-up
    7
    ·
    1 year ago

    If they’re stealing sessions that might not be enough. I saw some other mitigations discussed elsewhere.

    • fuser@quex.cc
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Create new accounts & make them instance admin instead (they have to make a local comment to be made admin). Then remove your “browsing” accounts from admin group until patched.