#critical

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

All #Fedify users must immediately update to the latest patched versions. A #critical authentication bypass #vulnerability (CVE-2025-54888) has been discovered in Fedify that allows attackers to impersonate any #ActivityPub actor by sending forged activities signed with their own keys.

This vulnerability affects all Fedify instances and enables complete actor impersonation across the federation network. Attackers can send fake posts and messages as any user, create or remove follows as any user, boost and share content as any user, and completely compromise the federation trust model. The vulnerability affects all Fedify instances but does not propagate to other ActivityPub implementations like Mastodon, which properly validate authentication before processing activities.

The following versions contain the #security fix: 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9, and 1.8.5. Users should update immediately using their package manager with commands such as npm update @fedify/fedify, yarn upgrade @fedify/fedify, pnpm update @fedify/fedify, bun update @fedify/fedify, or deno update @fedify/fedify.

After updating, redeploy your application immediately and monitor recent activities for any suspicious content. Please also inform other Fedify operators about this critical update to ensure the security of the entire federation network.

The safety and security of our community depends on immediate action. Please update now and feel free to leave comments below if you have any questions.

#fedidev

🇪🇺 #GitHub is calling for a new #EU #techfund (€350M) to support #critical #opensource #softwaremaintenance, highlighting its economic importance and the need for #sustainablefunding.

😏 While acknowledging the need for #publicfunding, there is concern about big #techcompanies offloading their #responsibilities and the potential for the fund to become a subsidy for them.

👉 https://www.omgubuntu.co.uk/2025/07/github-eu-open-source-funding?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News

🇪🇺 #GitHub is calling for a new #EU #techfund (€350M) to support #critical #opensource #softwaremaintenance, highlighting its economic importance and the need for #sustainablefunding.

😏 While acknowledging the need for #publicfunding, there is concern about big #techcompanies offloading their #responsibilities and the potential for the fund to become a subsidy for them.

👉 https://www.omgubuntu.co.uk/2025/07/github-eu-open-source-funding?Fedizen.EU #Fedizen #Fediverse #ActivityPub #News

"What philosophers sometimes call “political epistemology” is the area of intellectual inquiry that attempts to understand and evaluate these interactions between politics, knowledge, ignorance, and misperceptions. Most of my recent published research and articles on this blog fall within this area. For example, I’ve written about:

- How group allegiances distort political cognition (e.g., here, here, and here)

- How political tribes coordinate to promote, protect, and rationalise shared narratives (e.g., here, here, here, and here)

- In what ways political thought and communication are biased (e.g., here and here)

- The sources of political ignorance and misperceptions (and, more puzzlingly, knowledge) (here and here)

- Why many influential analyses of our political-epistemic problems in terms of “misinformation” and “disinformation” are confused and objectionable (e.g., here, here, here, and here)

Recently, I’ve also had the chance to design an advanced undergraduate course on ‘Politics, truth, and ideology’. The course only has seven weeks of content, meaning it must be highly selective in which topics it covers. Moreover, it’s intended for philosophy students, so it mostly ignores relevant empirical research in political psychology and social science. Nevertheless, I hope it provides a helpful introduction to some foundational issues and debates that might interest some readers.

In this post, I will briefly describe some core underlying themes of the course and the main topics and debates it covers. I will also provide the essential readings I’ve assigned."

https://www.conspicuouscognition.com/p/politics-truth-and-ideology-a-syllabus

#Politics #Ideology #Democracy #Technocracy #Marx #Critical Theory #IdentityPolitics #FreeSpeech #CancelCulture #Truth #Populism #PostTruth

"What philosophers sometimes call “political epistemology” is the area of intellectual inquiry that attempts to understand and evaluate these interactions between politics, knowledge, ignorance, and misperceptions. Most of my recent published research and articles on this blog fall within this area. For example, I’ve written about:

- How group allegiances distort political cognition (e.g., here, here, and here)

- How political tribes coordinate to promote, protect, and rationalise shared narratives (e.g., here, here, here, and here)

- In what ways political thought and communication are biased (e.g., here and here)

- The sources of political ignorance and misperceptions (and, more puzzlingly, knowledge) (here and here)

- Why many influential analyses of our political-epistemic problems in terms of “misinformation” and “disinformation” are confused and objectionable (e.g., here, here, here, and here)

Recently, I’ve also had the chance to design an advanced undergraduate course on ‘Politics, truth, and ideology’. The course only has seven weeks of content, meaning it must be highly selective in which topics it covers. Moreover, it’s intended for philosophy students, so it mostly ignores relevant empirical research in political psychology and social science. Nevertheless, I hope it provides a helpful introduction to some foundational issues and debates that might interest some readers.

In this post, I will briefly describe some core underlying themes of the course and the main topics and debates it covers. I will also provide the essential readings I’ve assigned."

https://www.conspicuouscognition.com/p/politics-truth-and-ideology-a-syllabus

#Politics #Ideology #Democracy #Technocracy #Marx #Critical Theory #IdentityPolitics #FreeSpeech #CancelCulture #Truth #Populism #PostTruth

#UnitedHealth is positively #fucking #EVIL for intentionally denying #critical care and services to autistic #children for #profit. They know *exactly* what they are doing.

This damning #ProPublica article highlights UH's strategy via secret playbook to deny children care. Absolutely eye-opening.

As an #actuallyautistic #human who #parents an #autistic #child, this is horrifying and utterly reprehensible.

https://www.propublica.org/article/unitedhealthcare-insurance-autism-denials-applied-behavior-analysis-medicaid

#news #healthinsurance #unitedstates

Hi Everyone! This is our #introduction post!

We're a press focusing on theoretical and practical issues in #librarianship from a #critical perspective, for an audience of professional #librarians and #students of #library #science

So excited to be here!