I have made a post about some Mastodon instances being associated with malware and explaining what I found: https://github.com/mastodon/mastodon/discussions/18688
Another theme that keeps popping up is ppl on Fedi using (#)GriftHub.
Also as s part of a holistic movement towards #censorshipResistance, all instances should strive to federate over Tor or I2P.
We posit that federation over #I2P should be default because Tor don't like lots of traffic (eg. they don't recommend torrenting over Tor etc).
To support this server and the OMN project https://opencollective.com/open-media-network