lemmy.world is a victim of an XSS attack right now and the hacker simply
injected a JavaScript redirection into the sidebar. It appears the Lemmy backend
does not escape HTML in the main sidebar. Not sure if this is also true for
community sidebars.
[https://sh.itjust.works/pictrs/image/707c0f16-3d5c-4888-b865-34228d968ee6.png]
Hmm you may need to disable 2FA again. I’m not sure why it wouldn’t work, perhaps Aegis hasn’t imported it correctly?
Okay cool, it just worked. No idea what difference waiting overnight made though.