Threat actors are exploiting a vulnerability in shared content delivery network (CDN) infrastructure to hide connections to malicious domains.
Dubbed Underminr, the issue is a variant of domain fronting, a now-mitigated type of attack that enabled threat actors to place an allowed domain in the SNI and TLS certificate validation fields of an HTTPS request, while embedding a different target domain...
