How it startedIt all started from a message on Linkedin yesterday "Hey, you've been hacked I'm getting fake captchas on your blog". Obviously I checked and saw nothing wrong. But I also remembered about someone telling me something very similar a couple weeks back on Mastodon. So I checked from all of the devices I could think of in the house and couldn't reproduce either, even with a VPN from the location of the user who reported the issue. At this point, I dismissed it as something coming from the user side. Maybe they had an infected browser extension running. Just as a safe check, I decided to send a call for help on social media to ask people to check the blog and let me know if they saw anything weird. No new reports, either....Starting the investigationAfter a couple hours I still had an uneasy feeling, so I started reading online and found the exact issue the users were reporting. I fired up Claude Code on my server and started investigating to see if I could find…
No comments yet. Log in to reply on the Fediverse. Comments will appear here.