700+ self-hosted Git instances battered in 0-day attacks
www.theregister.com
: More than half of internet-exposed instances already compromised

By ‘Git instances’ they mean Gogs instances that allow open registration. I know most of the community moved from Gogs to Gitea, and then to Forgejo, but thought this was still worth noting.

  • Jason2357@lemmy.caEnglish
    5·
    5 hours ago

    While good, network security isnt the issue. Its running a web service with open registration allowing randos to upload content that gets processed by the server.

    Throw this up on a dedicated $5 VPS and you still have a problem. The default should be manual registration by admins.