In case you’re not aware, multiple Lemmy instances suffered hacks recently that allowed the hackers to gain admin privileges and deface the instances and/or redirect users to other sites. Luckily, midwest.social was not a victim of this from what I can tell. To mitigate any more issues I have deleted the single custom emoji that had been uploaded and rotated the JWT which means you will have to log in again on all your devices.

Update: The devs have released 0.18.2 with a security fix for this and I’ve upgraded to it.

  • linuxdaemonEnglish
    8·
    11 months ago

    If you log in and it doesn’t show your username, you might have to clear your cookies for midwest.social and login again. I had to do that in Firefox anyway.

  • georgeEnglish
    3·
    11 months ago

    Thanks for providing this space for us!

  • SaintWackoEnglish
    2·
    11 months ago

    Not sure if it’s related, but my midwest.social account had disappeared from wefwef and I had to log back in

      • SaintWackoEnglish
        3·
        11 months ago

        Oh. Wow, was that bit about the JWT always there? Did I just completely gloss over it?

  • FormerGameDevEnglish
    1·
    11 months ago

    so… interestingly, account settings seem to be somehow related to that, as all my settings got mangled.

    also, holy cow the dark theme on this is terrible