this post was submitted on 10 Jul 2023
156 points (97.6% liked)

Discussions related to Infosec.pub

1128 readers
1 users here now

founded 1 year ago
MODERATORS
 

Discussion from here: https://lemmy.ml/post/1895271

Relevance: Infosec.pub may wish to consider defederation temporarily.

Temporary fix in place, but instances remain vulnerable. Post: https://lemmy.world/post/1290412

  • UPDATE 2:58 UTC the injected code was removed from the main page, but cleanup efforts are still underway.
  • UPDATE 3:11 UTC situation appears to be under control, but browse with caution.
  • UPDATE 3:35 UTC main page exploited again! Website is unsafe.
  • UPDATE 4:01 UTC reports coming in that other instances are getting owned. One report of comments trying to inject JavaScript into the page.
  • UPDATE 4:13 UTC XSS vulnerability in page sidebar is reported relationship to the event is unknown.
  • UPDATE 7:17 UTC Root cause was identified a while ago.
you are viewing a single comment's thread
view the rest of the comments
[–] SimplePhysics@sh.itjust.works 8 points 1 year ago (2 children)

Yep, redirects to very strange websites. I created this shitjustworks account because my main is on .world. This is very concerning.

[–] henfredemars@infosec.pub 9 points 1 year ago (1 children)

As of 2:45 UTC it's still hacked, modified main page to redirect to offensive materials. Discussion claims that other admins are aware of the hack, but the website is still contaminated.

[–] PhoenixRising@kbin.social 2 points 1 year ago

Yup still hacked.

[–] can@sh.itjust.works 4 points 1 year ago (1 children)

Enjoy your stay! Maybe once world is back up and running you can use one of those tools to copy your subscriptions here as a backup.

[–] SimplePhysics@sh.itjust.works 4 points 1 year ago

Thanks for the warm welcome! I have a feeling I'm not going back to .world.