Wow you actually get logs from the other devs? I get fucking screenshots of abbreviated stack traces. Often not even the relevant portion of the stack trace or log.

First time user of firefish. Kind of like the UI. “Global” section is kind of chaotic. Guess that’s just the fediverse for ya

I quickly looked through the #news tag, not seeing this. I guess those bots were active at the time?

Probably questions that can be answered by RTFM

Also a reminder for me to add IPv6 support for my personal site. I think most cloud providers are able to offer dual ipv4/v6 support if you ask for it/configure it.

Kind of cool if your production infrastructure can match. But for most companies (ie, Fortune 500 and some medium companies) implementing this would need a force majeure.

Decades of software rot, change in management, change in architecture, waxing and waning of software and hardware trends, half assed implementations, and good ole bottom tier software consultation/contractors brought into the mix make such things impossible to implement at scale.

Once worked at a company where their onprem infra was a mix of mainframe, ibm / dell proprietary crap, Oracle vendor locked, and some rhel/centos servers. Of course some servers were on different versions of the OS. So it was impossible to setup a development environment to replicate issues.

For the most part, that’s why I still use docker for most jobs. Much easier to pull in the right image, configure app deployment declaratively, and reproduce the bug(s). I would say 90% of the time it was reproducible. Before docker/containerization it was much less than that and we had to reproduce in some non production environment that was shared amongst team.

Hygieia — the goddess of cleanliness

Only in read only mode.

I just want to add a quick note:

From OPs screenshot, I noticed the JS code is attempting to extract the session cookie from the users that click on the link. If it’s successful, it attempts to exfiltrate to some server otherwise sends an empty value.

You can see the attacker/spammer obscures the url of the server using JS api as well.

May be how lemmy.world attackers have had access for a lengthy period of time. Attackers have been hijacking sessions of admins. The one compromised user opened up the flood gates.

Not a sec engineer, so maybe someone else can chime in.

Lemmy.world instance under attack right now. It was previously redirecting to 🍋 🎉 and the title and side bar changed to antisemitic trash.

They supposedly attributed it to a hacked admin account and was corrected. But the instance is still showing as defaced and now the page just shows it was “seized by reddit”.

Seems like there is much more going on right now and the attackers have much more than a single admin account.

One retailer realized they were losing $700,000 a year per kilobyte of JavaScript, Russell said.

It’s a retailer so definitely lost sales or conversions