heads up: FreeBSD forums hacked. Be careful with your email or DMs coming from FreeBSD forum or freebsd{.}org for some time now.

https://forums {.} freebsd {.} org/

in reply to nixCraft 🐧

Aside from defacement, what's the extent of the hack? Usernames and passwords leaked?
in reply to Aaron Toponce ⚛️ :debian:

@atoponce the hack looks to just be a defacement currently. the defacement is just links to this repository:

https://github.com/cassbethany10-afk/test123

which just has some syn flooders and whatnot. unlikely to be anything sophisticated.

in reply to pete

@atoponce also they decided to change who it was hacked by shortly after making the defacement page
in reply to pete

@atoponce looks like the forums are back down???

https://fosstodon.org/@xinayder/116319094022309675

^ this fedi post seems to imply (to me) it was just stored XSS?

in reply to pete

@atoponce forums are undergoing an "upgrade", which is hopefully a patch for whatever the attack was.

EDIT: actually, i'm not sure. my phone might be caching the page and giving me that. a different browser is saying the forums are down.

in reply to pete

@novet @atoponce it is taken down now and i think it will remain down until admins or IT folks at FreeBSD infra team find out the exact root causes and how much damage is done so far.
in reply to nixCraft 🐧

@novet @atoponce
Anyway, the DNS entry for forums.freebsd.org seems to be removed currently.
% drill forums.freebsd.org @1.1.1.1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 46711
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; forums.freebsd.org. IN A

;; ANSWER SECTION:
forums.freebsd.org. 60 IN A 127.0.0.1

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 13 msec
;; SERVER: 1.1.1.1
;; WHEN: Tue Mar 31 03:04:59 2026
;; MSG SIZE rcvd: 52

The answer could be because of local_unbound (running at 127.0.0.1 [localhost]).

For some (running) others and parent entry:
% drill freebsd.org @1.1.1.1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 40850
;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; freebsd.org. IN A

;; ANSWER SECTION:
freebsd.org. 3600 IN A 96.47.72.84

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 18 msec
;; SERVER: 1.1.1.1
;; WHEN: Tue Mar 31 03:05:34 2026
;; MSG SIZE rcvd: 45
% drill bugs.freebsd.org @1.1.1.1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 53700
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; bugs.freebsd.org. IN A

;; ANSWER SECTION:
bugs.freebsd.org. 60 IN CNAME web3.nyi.freebsd.org.
web3.nyi.freebsd.org. 3600 IN A 96.47.72.106

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 35 msec
;; SERVER: 1.1.1.1
;; WHEN: Tue Mar 31 03:06:29 2026
;; MSG SIZE rcvd: 73
% drill www.freebsd.org @1.1.1.1
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 36543
;; flags: qr rd ra ; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;; www.freebsd.org. IN A

;; ANSWER SECTION:
www.freebsd.org. 10 IN CNAME web.geo.freebsd.org.
web.geo.freebsd.org. 150 IN A 192.50.199.250
web.geo.freebsd.org. 150 IN A 210.231.212.93

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 174 msec
;; SERVER: 1.1.1.1
;; WHEN: Tue Mar 31 03:06:02 2026
;; MSG SIZE rcvd: 87

in reply to nixCraft 🐧

Oh dear. :(

Just the forums? The packages & manuals not affected?

in reply to nixCraft 🐧

whatever I want to start gets destroyed. ☹️ 😂.. Was thinking to start Linux but now many distros are going to implement age verification... Was thinking to use Bluesky, they're going to use AI. Was thinking to use FreeBSD and shared a video 2 days ago, now this hacking news. What a lucky person I am. 😅
in reply to nixCraft 🐧

So what weird plugin not updated in years was in use. Or something less glamorous like phishing happened.