Post ATRAs1PTGOzDZUsTfE by OverSoft@infosec.exchange
 (DIR) More posts by OverSoft@infosec.exchange
 (DIR) Post #ATRArzKR09ll7IVQXI by OverSoft@infosec.exchange
       2023-03-08T18:14:19Z
       
       0 likes, 1 repeats
       
       If you run Home Assistant via HAOS or a supervisor (basically anything else than a Docker install), update NOW.Also: don't just port-forward, use a proper VPN if you want to contact your home from the internet.https://github.com/home-assistant/core/security/advisories/GHSA-2j8f-h4mr-qr25
       
 (DIR) Post #ATRAs1PTGOzDZUsTfE by OverSoft@infosec.exchange
       2023-03-09T11:07:57Z
       
       0 likes, 0 repeats
       
       Update: apparently using Nabucasa (Home Assistants paid forwarding service) did NOT prevent this, as it basically just proxies everything from the internet to your HA device.It’s like punching a hole in your firewall, might want to rethink that service…