Regarding the recent Lemmy hack Update
Regarding the recent Lemmy hack Update
In case you're not aware, multiple Lemmy instances suffered hacks recently that allowed the hackers to gain admin privileges and deface the instances and/or redirect users to other sites. Luckily, midwest.social was not a victim of this from what I can tell. To mitigate any more issues I have deleted the single custom emoji that had been uploaded and rotated the JWT which means you will have to log in again on all your devices.
Update: The devs have released 0.18.2 with a security fix for this and I've upgraded to it.