Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.

Solving Internet Explorer’s PNG Shortcomings with JavaScript Most modern browsers, like Firefox, Safari and Opera, offer support for PNG images with full alpha channel transparency.