Especially since doing that will let you Federate through compromised comments, and possibly affect other instances using the Federation network, unless they're updated.
No. The existing Lemmy-Lite that was advertised on join-Lemmy.org appears to be massively out of date, and no longer actively maintained.
It was a bug with Lemmy-UI, so you might be able to get away using an app or site that isn't vulnerable. Whether that is Wefwef, one of the apps, like Jerboa, or something that is Federated, but not Lemmy, like Kbin, or Mastodon (things might be a bit clunky if you do, since Lemmy threads aren't well handled by Mastodon).
Others did get hacked, or are vulnerable to it, but aren't big enough targets?
Beehaw is closed, so they would have had to have an existing account to exploit the same bug (or go through something like Kbin), and Lemmy.world is the biggest Lemmy instance.
Yes. They got hacked. An admin account got compromised, and the hackers exploited a bug in Lemmy-UI (the web site) that let them do things like redirect users to another site that let them run Javscript. It seems to have let them collect some user tokens from accounts, and access an admin account that way.
Just look at Lore. He wiped out a colony, and could do far worse damage if he was both more competent and stable. It eventually escalated to the point where Data had to shut him down, due to the danger he posed to the rest of the Federation.
This spammer created multiple accounts on various Lemmy instances to post self advertisements. How do we combat this? ( media.kbin.social )
Lemmy instances are being compromised by a js injection
lemmy.world and lemmy.blahaj.zone are down from what seems like a JavaScript injection attack
Multiple lemmy instances are getting hit with a js injection
Lemmy.world and lemmy.blahaj.zone have been hit with a JavaScript injection attack it seems.
Tf happened to lemmy.world? ( kbin.social )
Went there and got some… less than savory images. Do not recommend going there....
I don't think I've ever respected just how dangerous Data could be. ( i.imgflip.com )
UPDATED 9-3: StarTrek.website - Lemmy info, FAQ, Patreon info, future plans, and more!
https://startrek.website/pictrs/image/590456a7-0f95-4e61-968a-c688dd564033.jpeg...