this post was submitted on 10 Jul 2023
168 points (97.2% liked)
Lemmy.ca's Main Community
2820 readers
1 users here now
Welcome to lemmy.ca's c/main!
Since everyone on lemmy.ca gets subscribed here, this is the place to chat about the goings on at lemmy.ca, support-type items, suggestions, etc.
Announcements can be found at https://lemmy.ca/c/meta
For support related to this instance, use https://lemmy.ca/c/lemmy_ca_support
founded 4 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Good luck, and thanks for all your hard work. I don't know if you already saw this, but it looks like this might be the vector for the account compromise. If that's the case, I don't think 2FA is enough to protect, because it's exfiltrating the session cookies of someone already logged in. Seems like the precaution is for admins to avoid clicking any suspicious links. I realize the irony of sharing a link about this, but at least it's to a thread on this instance.
https://lemmy.ca/post/1311411
I'm copying all links into a brand new incognito mode window for now.