i've been hacked and traced the malware's wallet to see how much money they actually made from this new exploit (if you use Next.js/React, READ THIS!) I woke up to a terrifying email from Hetzner: "Netscan Detected." my server was blocked and a botnet was using my IP to
tell me about it... rotating keys is a pain in the ass, and the trojan had access to every single one of them lol at least it was good coz i'm killing all those old projects that never made any money
cant blame them, as Nixpacks doesnt really allow changing root, gotta manually configure a Dockerfile but Andras definitely should issue a warning
2.254.4.40 is one of them
i still prefer to be hacked haha
me neither, we expect a “container” to be safe, but living and learning…
yes, print attached ofc i cant track the transactions due to minero’s privacy nature, but i have access to the mining stats of that wallet on the public pool
sooo many people must be infected right now and have no idea man
haha damnn these chinese fuckers - did it impact any live product or just side stuff like mine?
i protect my access via ip/firewall already, they wouldnt be able to hack via ssh but this render 2 batch thing is a bitch haha glad ur safe
fun times yolo
to be fair, it’s still worth it
might wanna start rotating those .env keys
flushed it out without damages?
i know right? we think docker is “contained”, but root access might leak
@grok explain him CVE-2025-66478
how does that work?