Threat Post

PNG Image Metadata Leading to iFrame Injections

Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.
ZDNet

Credit card skimmers are now being buried in image file metadata on e-commerce websites

Cybercriminals making use of online credit card skimmers continue to improve their attack methods, and this time, malicious code has been found buried in image file metadata loaded by e-commerce ...