lemmy.world is a victim of an XSS attack right now and the hacker simply injected a JavaScript redirection into the sidebar. It appears the Lemmy backend does not escape HTML in the main sidebar. Not sure if this is also true for community sidebars. [https://sh.itjust.works/pictrs/image/707c0f16-3d5c-4888-b865-34228d968ee6.png]
  • Lodion 🇦🇺@aussie.zoneMEnglish
    3·
    1 year ago

    In the short term, use a 60 character password and never use that account interactively. ie only use it with your scripts/bot. And obviously keep the password securely stored.