Blahaj zone hacked (pen.blahaj.zone)
submitted 2 days ago* (last edited 16 hours ago) by ada to c/main

Firstly, apologies to everyone for the extended downtime. Unfortunately, it was for a pretty bad reason. We were hacked.

The bad news is that it was a comprehensive attack, and the attackers had privileged access to our database system, across all of our services (except for writefreely, which doesn't use postgres). From what we can tell, the attacker did not do anything with that access, so we don't believe any user data was accessed, but we can't be certain of that. For lemmy, the impact of this should be minimal. If you registered with a real email address, they may have that. User passwords are encrypted in the database, so if you were using a secure, non-trivial password, it should be safe, but you should still change it. You should also reset your 2 factor authentication if you had it enabled, as the seeds for these are not encrypted.

Our understanding is that the attacker used a peertube exploit, then a postgres exploit and then a kernel exploit to systematically gain access to different layers of our database server. A side effect of the hack was that it filled up our database server's hard drive, and caused it to fail over to our backup, which we believe mitigated some of the potential fallout.

We have had to reset activitypub keypairs for every account and community on lemmy, so there may be some federation hiccups for a day or so, until remote servers have dropped any cached copies of our users' public keys. This is uncharted territory though, so hopefully it's as smooth as we think it will be, but we can't be sure!

As stated earlier, our writefreely instance is still up and running as it wasn't impacted by this attack. Vernissage (our pixelfed replacement) has been brought back online, as has our matrix server.

We will be bringing up Sharkey, and then Piefed hopefully later today, but we have to rotate keypairs on those services too, which is also uncharted territory, so the timelines are hopes, not guarantees. At this point in time, we don't plan on bringing pixelfed back online, as it was slated for shutdown in August in any case. If people still need access to pixelfed to export data, we can spin it up briefly if needed, so please reach out if this is you. We also won't be bringing peertube back up at this point. It was not heavily utilised, and it was the source of the attack, so Kaity is a bit gun shy about spinning it back up on shared database infrastructure. If there is a strong desire to bring peertube back, we can consider doing that on isolated hardware, but at the current utilisation level, it doesn't seem worth the cost/effort to run it isolated.

In any case, you can read a fuller explanation of the attack by Kaity here: https://pen.blahaj.zone/supakaity/weve-been-hacked

Edit - Piefed is back now!

bring back third places (lemmy.blahaj.zone)
submitted 42 minutes ago by not_IO to c/microblogmemes@lemmy.world
Every app in 2026 (lemmy.today)
submitted 20 minutes ago by sanitation@lemmy.today to c/memes@lemmy.world
submitted 1 hour ago by Adderbox76@lemmy.ca to c/dogs@lemmy.world

Gone 4 months and I still cry at least once a week.


Musicians and production team understood to be facing same punishment after livestream of patriotic song

In December 2024, the 29-year-old singer performed the patriotic song Az Khoone Javanane Vatan (From the Blood of the Youth of the Homeland) without a hijab in a livestreamed performance that went viral.

submitted 1 hour ago* (last edited 50 minutes ago) by nocturne@slrpnk.net to c/veganhomecooks@lemmy.world

Lemony, garlicky, and yummy

Recipe

Ingredients:
1 medium sized ripe Avocado, pitted
1/2 lemon, juiced + lemon zest to garnish
1-3 garlic cloves, to taste (depending on how garlicky you like it)
1/2 tsp kosher salt, or to taste
~1/4 cup Fresh Basil, (probably optional, I never use it)
2 tbsp extra virgin olive oil
2 servings/6 oz of your choice of pasta (I like angel hair or vermicelli)
Freshly ground black pepper, to taste

Directions:

  1. Bring several cups of water to a boil in a medium sized pot. Add in your pasta, reduce heat to medium, and cook until Al Dente, about 8-10 minutes.
  2. Meanwhile, make the sauce by placing the garlic cloves, lemon juice, and olive oil into a food processor. Process until smooth. Now add in the pitted avocado, basil, and salt. Process until smooth and creamy.
  3. When pasta is done cooking, drain in a strainer, reserving some pasta water to add if sauce is too thick, and place pasta into a large bowl. Pour on sauce and toss until fully combined. Garnish with lemon zest and black pepper. Serve immediately. Makes 2 servings. Please note: This dish does not reheat well due to the avocado in the sauce. Please serve immediately. I have found that if you save enough pasta water you can boil that and add it to the leftovers to reheat it, but it is better fresh.


Blåhaj Lemmy

10,433 readers
370 users here now

Blåhaj Lemmy is brought to you by the kind folk at Blåhaj Zone, and while anyone is free to register for an account here, please bear in mind that this is a server that is very protective of our minority members and bigotry of any variety will be squashed with great prejudice.

We have several alternative lemmy frontends you can use. Just log in with your regular blahaj login details.

We have a public matrix channel for all Blahaj users at #blahaj:chat.blahaj.zone

We also have a matrix channel for gender diverse folk and our allies! If you're already a matrix user, you can head straight to our application room https://matrix.to/#/#gv-apply:chat.blahaj.zone, or by searching for #gv-apply:chat.blahaj.zone from within your matrix client.

If you're new to matrix, you can find some more details and an instruction video on how to get up and running here https://chat.blahaj.zone/c/genderverse/

Community Guidelines

Blåhaj Lemmy is a space where everyone should feel able to participate safely, and to that end, our community is built on the guiding philosophies of empathy, inclusion and acceptance.

Empathy

We want our community members to be guided by compassion and empathy for others.

Examples of behaviour that are contrary to this philosophy are personal attacks, insults, doxing etc. If your comment is designed to hurt someone, this isn't the space for it.

Inclusion and Acceptance

Embracing inclusion and acceptance means listening when people tell you who they are and what their needs are. It means not telling people that you know their experiences better than they do. It means not gatekeeping experiences of identities of others. It means no bigotry such as racism, sexism, anti LGBT commentary, ableism etc. It means doing your best to ensure that you don't over-talk the voices of folk who don't share your privileges.

Supporting Blåhaj Lemmy

After much hesitation, we have a Ko Fi to enable people to help with supporting some of the running costs associated with our instances.

Providing a safe space for our community is the goal, so please only consider donating if you are in a position to do so without any financial stress.

Mascot and logo

Find out about our mascot Shonky (they/them) who appears on our site logo here.

--

founded 3 years ago