A new security fund for the fediverse, and the Lemmy developers held an AMA.
The News
The Nivenly Foundation, the organisation that administers the Hachyderm.io instance, is opening a new security fund to sponsor contributors who disclose security vulnerabilities. All software has security vulnerabilities, and the fediverse is no exception. The recent Pixelfed vulnerability, which affected non-Pixelfed servers, is a clear example of how the interaction between different software platforms can make vulnerabilities in fediverse software more complex.
The Nivenly Fediverse Security Fund will sponsor $250 USD for vulnerabilities that are rated as high risk (7-9 CVSS score)