All umami instances have been infected with a persisting crypto miner. Umami was affected by the next.js CVE but quietly released a fix, so most of their users missed it
All umami instances have been infected with a persisting crypto miner. Umami was affected by the next.js CVE but quietly released a fix, so most of their users missed it
Source for that claim? Because vulnerable does not mean infected.
Also, I’m kinda glad my instance has been offline for a while now because of database trouble. That was lucky.