frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Most parked domains now serving malicious content

https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/
45•bookofjoe•1h ago

Comments

excalibur•1h ago
The bit about the gmai.com mailserver is disturbing. One would imagine there are many other typo squatters with a similar setup.
imglorp•46m ago
I just checked. At least it's not answering on 25 to receive all that free typo mail. Same for gmali.com. But they could spoof the gmail login page. Not finding out.

    PORT     STATE SERVICE
    80/tcp   open  http
    443/tcp  open  https
    8080/tcp open  http-proxy
Bender•55m ago
I park mine by having no IP address, MX record is "0 ." meaning it does not receive email, the SPF record is "v=spf1 -all" and DMARC is a strict reject, CAA is 0 issue ";", BIMI is "v=BIMI1; l=; a=;". I do the same for wildcard DNS. There's probably more I should add.
ericpauley•52m ago
Indeed, this is a common practice in the broader data. It seems the linked article is filtering to resolvable+hosted domains, a subset of overall domain parking.
Bender•49m ago
Yup. That's why I am suggesting to stop that practice and just remove the IP rather than trusting the landing page someone else maintains. Or if one would like to give bots something to do point it to a multicast address or perhaps MoD/US Military address.
ericpauley•54m ago
We did a large-scale study of this phenomenon recently: https://www.cs.bu.edu/faculty/crovella/paper-archive/wung-if...

Across a broad sample of typo domains of major sites, most registered domains aren’t actually reachable, implying they are registered for defensive, legitimate, or unrelated purposes. Interestingly, the typo space on major sites is actually very sparsely registered (2% at edit distance 1), meaning that typosquatting may actually be underexploited.

moralestapia•51m ago
This just happened to me a month ago, I was waiting for a unused domain to expire. The domain was hosted on Epik (which I think is a trashy company but w/e).

About a month before expiration it somehow got renewed for 10 years, which is weird because it was not available ... and now is hosting a "get-rich-quick" scam that pretends a genuine Petro Canada campaign.

homebrewer•28m ago
> About a month before expiration it somehow got renewed for 10 years, which is weird because it was not available

I've seen some domain registrars auctioning off domains during the last 2-4 weeks before they expire. If nobody buys it, then it actually expires and is then released.

HWR_14•20m ago
Which registrars? I would want to avoid those.
dvh•48m ago
Yesterday I received spam with link on https://storage.googleapis.com/ that redirected to some parked domain.
rickcarlino•19m ago
Hopefully “direct navigation” does not become a boogeyman like “side loading” has.
wlesieutre•5m ago
Especially when the alternative is "type the company name into google" where the top 3 results are ads and they've previously been seen to stick malware distribution sites above the legitimate company pages

This was happening for months with blender in 2022/2023, previously collected links about it here: https://news.ycombinator.com/item?id=34917701

Experts Say Even Average Venezuelans Critical of Maduro Won't Back Regime Change

https://truthout.org/articles/experts-say-even-average-venezuelans-critical-of-maduro-wont-back-r...
1•robtherobber•1m ago•0 comments

Show HN: HN Wrapped 2025 – your year on Hacker News

https://hn-wrapped.kadoa.com?year=2025
1•hubraumhugo•1m ago•0 comments

Are Apple Gift Cards Safe to Redeem?

https://daringfireball.net/linked/2025/12/17/are-apple-gift-cards-safe-to-redeem
1•tosh•2m ago•0 comments

Running a full voice stack (ASR –> LLM –> TTS) locally with Docker

https://www.docker.com/blog/develop-deploy-voice-ai-apps/
1•3Sophons•3m ago•1 comments

systemd v259 Released

https://github.com/systemd/systemd/releases/tag/v259
1•voxadam•4m ago•0 comments

Engineering dogmas it's time to retire

https://newsletter.manager.dev/p/5-engineering-dogmas-its-time-to
1•flail•5m ago•0 comments

Ask HN: How are you building a company-wide MCP strategy?

1•shouche•7m ago•1 comments

Hatred of Israel Caused Iran's Water Crisis

https://aish.com/hatred-of-israel-caused-irans-water-crisis/
1•mhb•8m ago•1 comments

Show HN: Physically Based Shading Dojo in WebGL2

https://gnikoloff.github.io/webgl-pbr-dojo/
1•georginikolov•8m ago•1 comments

Legal AI startups sell fear, not products

https://theredline.versionstory.com/p/why-cant-43b-in-legal-ai-investment
2•jpbryan•8m ago•0 comments

How to Win Titular Metagames

https://taylor.town/how-to-title
1•surprisetalk•9m ago•0 comments

Please Just Try Htmx

http://pleasejusttryhtmx.com/
2•iNic•10m ago•0 comments

Ask HN: How to manage inbound calls/ emails/ texts etc.

1•duckkg5•10m ago•1 comments

The collab way for creators to find work and get paid

https://the-fuse.app/
1•iCeGaming•11m ago•1 comments

How agent workloads change the shape of data systems

https://tonbo.io/blog/tonbo-manifesto
1•ethegwo•13m ago•0 comments

Free Live Streaming Platform for Developers with No Catches

https://www.red5.net/blog/free-live-streaming-platform-for-developers/
1•mondainx•13m ago•1 comments

Show HN: SHM – Telemetry for self-hosted apps (no user tracking)

https://github.com/btouchard/shm
1•benjy3379•15m ago•0 comments

1.5 TB of VRAM on Mac Studio – RDMA over Thunderbolt 5

https://www.jeffgeerling.com/blog/2025/15-tb-vram-on-mac-studio-rdma-over-thunderbolt-5
2•bonyt•16m ago•0 comments

Trump Media is merging with a nuclear fusion company

https://www.theverge.com/news/847159/trump-media-tae-technologies-merger-nuclear-fusion
2•trueduke•17m ago•0 comments

Pandemic Lockdowns Changed a Songbird's Beak

https://www.nytimes.com/2025/12/15/science/covid-ecology-anthropause-birds.html
1•danso•18m ago•1 comments

MEV is an execution design problem

1•shdwapp•20m ago•0 comments

Jensen Huang: Israel has become Nvidia's second home

https://en.globes.co.il/en/article-jensen-huang-israel-has-become-nvidias-second-home-1001529537
1•mhb•20m ago•0 comments

Show HN: Open-Source B2B SaaS Starter Kit (Go, Next.js, RBAC, Polar)

https://github.com/moasq/production-saas-starter
1•moh_quz•20m ago•0 comments

The Impact of Technical Blogging

https://writethatblog.substack.com/p/the-impact-of-technical-blogging
1•cyndunlop•21m ago•0 comments

An Engineer's Critique of Physicalism (Materialism)

https://arrno.substack.com/p/an-engineers-critique-of-physicalism
1•arrno•21m ago•1 comments

Closure of Operations in Computer Programming

https://deniskyashif.com/2025/12/18/closure-of-operations-in-computer-programming/
1•deniskyashif•21m ago•0 comments

The Mysterious Forces Steering Views on Hacker News

https://xn--gckvb8fzb.com/the-mysterious-forces-steering-views-on-hacker-news/
3•dxs•23m ago•1 comments

The 10 Most Mind-Blowing Discoveries About the Brain in 2025

https://www.scientificamerican.com/article/10-mind-blowing-brain-discoveries-from-2025/
1•dxs•24m ago•0 comments

Virtualizing Nvidia HGX B200 GPUs with Open Source

https://www.ubicloud.com/blog/virtualizing-nvidia-hgx-b200-gpus-with-open-source
16•ben_s•25m ago•0 comments

Programming Ruby 4 (The 6th edition of the PickAxe Book)

https://pragprog.com/titles/ruby6/programming-ruby-4-6th-edition/
1•Kerrick•25m ago•0 comments