Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Social Web ISAC @sw_isac@mastodon.iftas.org

4/2/2025, 3:43:35 PM

Public

Pixelfed versions 0.12.4 and earlier contain a critical privacy vulnerability that impacts any and all Fediverse service providers that support follower-only messaging from follower-approvals-required accounts.

Ref: https://fokus.cool/2025/03/25/pixelfed-vulnerability.html

A tracking spreadsheet of domains by version is available at https://docs.google.com/spreadsheets/d/1t9wlqXC89EJwccxFAT_VknRdVAw6K6h-dMqVtaRVB-I/

If you host accounts that expect their followers-only posts to be non-visible to unapproved followers on remote Pixelfed services, consider informing your members.

Pixelfed leaks private posts from other Fediverse instances - fiona fokus

fokus.cool

If you have a fediverse account, you can quote this note from your own instance. Search https://mastodon.iftas.org/users/sw_isac/statuses/114269134232280838 on your instance and quote it. (Note that quoting is not supported in Mastodon.)