This incident has gone unnoticed, I make a summary for lazy people.

A Chinese hacker group has obtained the Identity provider's signing keys from Microsoft, which means that they have been able to log into any account of outlook.com, exchange online and part of azure which are the services that used these keys.

Microsoft's actions have not even flinched and people will continue to trust these fraudsters who have not even warned their users.

nostr:note1sax87s3mr9u60j52jr57je0xqmf5t0x2tls3rurhcjhhkzh9cq5qzp7zwx