Security researchers are warning that attackers are now embedding fake domains into legitimate third-party scripts on websites, evolving beyond traditional typosquatting that targets end users. The technique bypasses current detection methods by hiding malicious domains within code that already has trusted access.