SmolSlime

https://www.reddit.com/r/StableDiffusion/comments/153ai4i/stablity_ai_ceo_on_sdxl_censorship/

Apparently there's a chance they're going to release SDXL (their newest Stable Diffusion model) with gimped NSFW. The main reason from what I read is because SD v1 is able to generate child porn. Which is why they also censored SD v2 and make NSFW training much harder. And to no one's surprise, no one uses it. Just take a look at civitai.com and see how many porn models there are. All the SD models I've seen are based on SD v1.5.

One one hand, I understand their position of not wanting to be labeled as CP generator. It's really bad for business and they could lose all their investor funds. But on the other hand, I'm quite annoyed they keep releasing gimped models just because it could make some illegal stuff. It's not like I use SD to mainly generate porn. I just don't want to resort to older model when I do. But it seems like it's possible to be trained for NSFW at least, from the leaked SDXL 0.9. Though there are some rumors they delayed SDXL 1.0 to further censor it. But anyway, all of this is just a speculation. I hope they don't gimp it and just keep silent of NSFW.

With this I ended this half discussion, half rant post. Peace.

There's a JavaScript injection exploit going on. Apparently the exploit also works on comments, just by embedding an image and adding some JS code in it. I don't know if this could steal the entire cookies or just the website's, but just to be safe don't randomly click every link.

The post below is copy pasted from https://kbin.social/m/android@lemdro.id/t/168524/Lemmy-world-and-another-instance-have-been-compromised#entry-comment-661712

Some information I have posted to Lemmy.World:

I am not a super code-literate person so bare with me on this… But. Still please becareful. There appears to be a vulnerability.

Users are posting images like the following:

imgur.com/a/RS4iAeI

And inside hidden is JavaScript code that when executed can take cookie information and send it to a URL address.

Among other things. At this time if you see an image please click the icon circled before clicking the link. DO NOT CLICK THE IMAGE. If you see anything suspicious, please report it immediately. It is better a false report than a missed one.

I have seen multiple posts by these people during the attack. It is most certainly related to JS.

This is my old account that I just logged in today. Just joined a server and Discord asked for email verification. Okay, that's not hard, thankfully Discord doesn't restrict email to only big providers. But then suddenly DIscord asked to verify by phone number, because "something is out of ordinary". What's out of ordinary from that??? Joining a server > Discord asks to verify > I verify.

I was losing my mind seeing people suggesting moving to Discord when Rexxit happened. Like WTF, it's even worse than Reddit. Non-indexable content, worse privacy, needing account just to access the said content, etc.

I really hate how services nowadays require your phone number just to use their service. Unfortunately most people just don't care of privacy, thanks to "I have nothing to hide" mindset.