Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Taggart @mttaggart@infosec.exchange

11/26/2025, 2:00:43 PM

Public

Okay I get why this change sounds great, but I'm pretty sure a consequence is that password managers will no longer autofill on Entra sign-in pages. That will likely lead to weaker credentials or weaker storage of them. That feels like a net loss.

https://techcommunity.microsoft.com/blog/microsoft-entra-blog/enhance-protection-of-microsoft-entra-id-authentication-by-blocking-external-scr/4435200

Enhance protection of Microsoft Entra ID authentication by blocking external script injection | Microsoft Community Hub

Microsoft is further enhancing security of the Microsoft Entra ID authentication experience by blocking external script injection. [Action may be required]

techcommunity.microsoft.com · TECHCOMMUNITY.MICROSOFT.COM

If you have a fediverse account, you can quote this note from your own instance. Search https://infosec.exchange/users/mttaggart/statuses/115616359630798607 on your instance and quote it. (Note that quoting is not supported in Mastodon.)