Amazon Orders Employees to Relocate to Seattle and Other Hubs (bloomberg.com)

1 points by petethomas 20s ago 0 comments

GEO Is the new SEO (driftspear.com)

1 points by woktalk 1m ago 0 comments

Pushing the Envelope: The Effects of Salary Negotiation (hks.harvard.edu)

1 points by zuhayeer 3m ago 0 comments

A deep-dive explainer on Ink and Switch's BeeKEM protocol (meri.garden)

2 points by erlend_sh 5m ago 0 comments

NIST and Partners Use Quantum Mechanics to Make a Factory for Random Numbers (icfo.eu)

1 points by libpcap 8m ago 0 comments

Become More Social as an Engineer – By Gregor Ojstersek (newsletter.eng-leadership.com)

1 points by rbanffy 13m ago 0 comments

Update to GitHub Copilot consumptive billing experience (github.blog)

1 points by denysvitali 14m ago 0 comments

Remote MCP Support in Claude Code (anthropic.com)

2 points by handfuloflight 15m ago 0 comments

Accelerating Collaboration with AI, chat => personal knowledge => train (loom.com)

1 points by IXCoach 16m ago 1 comments

Core Components of a Profitable AI Billing System (getlago.com)

1 points by AnhTho_FR 16m ago 0 comments

The Missing 11th of the Month (drhagen.com)

1 points by xk3 21m ago 0 comments

Microsoft planning thousands more job cuts aimed at salespeople (seattletimes.com)

2 points by petethomas 27m ago 1 comments

The Python Language Summit 2025: State of Free-Threaded Python (pyfound.blogspot.com)

1 points by rbanffy 28m ago 0 comments

A Python dict that can report which keys you did not use (peterbe.com)

2 points by rbanffy 29m ago 0 comments

Understanding and managing requests in Copilot (docs.github.com)

2 points by benbristow 29m ago 0 comments

The Impossible Man: Roger Penrose and the Cost of Genius (lrb.co.uk)

1 points by mitchbob 29m ago 1 comments

Preview app adds Dark Mode toggle for PDFs on macOS Tahoe, iOS and iPadOS 26 (blog.sangeeth.dev)

2 points by sangeeth96 32m ago 0 comments

Use this free tool if you are not able to be productive (chromewebstore.google.com)

1 points by ngninja 33m ago 0 comments

Lego improves maths and spatial ability in the classroom (surrey.ac.uk)

1 points by giuliomagnifico 33m ago 0 comments

Claude Code can use AST-grep to improve search efficiency and accuracy (twitter.com)

1 points by handfuloflight 34m ago 0 comments

Show HN: universal application where LLM does all computation directly (universal.oroborus.org)

1 points by snickell 35m ago 0 comments

OpenDeepWiki – the open-source multi-repo AI chat Copilot wishes it were (github.com)

1 points by flopsy2 36m ago 1 comments

Addictive Screen Use Trajectories and Suicidal Behaviors in US Youths (jamanetwork.com)

1 points by cmsefton 36m ago 0 comments

Chord: Multiplayer LLM Chats (chord.chat)

1 points by handfuloflight 37m ago 0 comments

Ancestra says a lot about the current state of AI-generated videos (theverge.com)

1 points by ajuhasz 37m ago 0 comments

Geopolymer-based soil solidifiers using waste siding and glass powders (sciencedirect.com)

1 points by PaulHoule 38m ago 0 comments

AI Labs Are Starting to Look Like Sports Teams (sequoiacap.com)

3 points by AnhTho_FR 39m ago 1 comments

Saudi journalist who tweeted against the government executed for 'high treason' (theguardian.com)

6 points by mitchbob 39m ago 1 comments

Show HN: PlanMoney AI Business Plan Generator (planmoney.online)

1 points by Smiler_ 40m ago 0 comments

Some plants make their own pesticide – but at what cost to the atmosphere? (msutoday.msu.edu)

1 points by rmason 43m ago 0 comments

Gulf Contracts (lrb.co.uk)

2 points by mitchbob 44m ago 1 comments

Bento: A Steam Deck in a Keyboard (github.com)

7 points by MichaelThatsIt 46m ago 1 comments

FAI is a tool for unattended mass deployment of Linux (fai-project.org)

4 points by indigodaddy 46m ago 0 comments

Finance blog raided over suspected Swiss banking secrecy law breaches (ft.com)

3 points by petethomas 47m ago 0 comments

Developer platform to build your Software Distribution (blog.omnistrate.com)

7 points by kkgupta 48m ago 0 comments

Most Affordable Semi-Humanoid Robot (youtube.com)

2 points by ariwasch 49m ago 0 comments

Reliability: It's Not Great (community.fly.io)

3 points by nateb2022 56m ago 0 comments

Calling Go from Elixir with a CNode in Crystal (relistan.com)

2 points by mmcclure 59m ago 0 comments

The Technical Face of Payments as a Service (news.alvaroduran.com)

1 points by ohduran 1h ago 0 comments

S1: Simple Test-Time Scaling (arxiv.org)

2 points by bicepjai 1h ago 1 comments

After 10 years, we're past peak RGB, but don't celebrate yet, stealth PC purists (tomshardware.com)

1 points by LorenDB 1h ago 0 comments

Apple's Liquid Glass in the Browser (specy.app)

2 points by halb 1h ago 0 comments

The iPhone SE was the best phone Apple ever made, and now it's dead (2018) (techcrunch.com)

4 points by Bluestein 1h ago 0 comments

Ireland Is Failing Palestine (blog.paulbiggar.com)

1 points by reillyse 1h ago 0 comments

Testing the directional relationship between social media use and materialism (sciencedirect.com)

2 points by tcfhgj 1h ago 0 comments

CNCF Slack workspace will be converted from an enterprise plan to a free plan (cncf.io)

2 points by ashnehete 1h ago 0 comments

Free access Udemy (1 day) – ML for EEG feature extraction. Practical Course (udemy.com)

2 points by GaredFagsss 1h ago 0 comments

Glass Cage iOS 18.2 Vulnerability (substack.com)

2 points by uartz 1h ago 0 comments

Halt and Catch Fire Syllabus (bits.ashleyblewer.com)

1 points by occamschainsaw 1h ago 0 comments

Websites Are Tracking You via Browser Fingerprinting (engineering.tamu.edu)

2 points by gnabgib 1h ago 1 comments

How to report suspected Microsoft service compromise?

1 dboreham 3 6/18/2025, 5:10:45 PM

Investigating a report from someone in the office today I found their browser displaying one of those full screen "Your computer has been hacked, call this phone number" pages. Not too surprising: I clicked the exit full screen button. But when I looked at the URL it appeared to be a legit Microsoft host name (and had obviously evaded the browser blacklisting filter). After some digging in the DNS and traceroute to the host I still can't exclude the possibility that an MS service has been compromised. It had a valid cert issued by MS Azure CA.

Question is what should someone do with this information? I'm 99.9% sure if I fill out Microsoft's "report hacking" form nobody will read it. otoh a compromised MS service seems like a thing I should try to report to someone. Perhaps I'm confused somehow about the evidence and it's running on a throwaway VPS with a unicode character in the DNS zone. Doesn't seem so however.

On the theory that the attacker hasn't actually compromised the MS DNS, I suspect that they've figured out a way to get an auto-generated DNS A record that points to an Azure-hosted VM from which they deliver the payload. They're also somehow able to use a cert with CN: *.web.core.windows.net but should that be valid also for foo.z13.web.code.windows.net? Apparently yes. TIL

I did find this site, with a report of a very similar URL: https://urlquery.net/ . When I submitted mine it ran a check, displayed the same malware screen I had seen, but declared the site to be problem free.

For obvious reasons I don't want to post the URL but you can construct it from this hostname: errorzxx9120x6er in this zone: z13.web.core.windows.net

The zones all the way down to z13 seem to be owned by MS, as is the netblock where the server resides.

Comments (3)

pvg · 4h ago

https://www.reddit.com/r/sysadmin/comments/1b0m7nj/legit_win...

Looks like it's Azure stuff, not an actual compromise of Microsoft services.

dboreham · 3h ago

Oh wow thanks. That's unbelievably stupid on MS part. I thought it was a general rule you never allow customer content to be served on any branded DNS zone (since inevitably it'll be a cesspit of malware). But wait...why the doesn't Google blacklist .windows.net like they would if I ran a customer hosting service under .mycompany.com ?

stop50 · 4h ago

It was Microsofts dumb idea to use the windows.net domain for azure stuff.