Domain not in remote thumbnail source whitelist: media.infosec.exchange
from Jerry Bell :verified_paw:
This message for everyone on the fediverse:
First, please ensure you go into your account settings and enable two/multi factor authentication. No, I mean do it right now. I’ll wait till you’re done.
…
…
Ok, thank you.
Now, if you are the admin of a mastodon instance, please go upgrade to 4.0.2 ASAP.
Background: https://portswigger.net/research/stealing-passwords-from-infosec-mastodon-without-bypassing-csp