Threat Post

PNG Image Metadata Leading to iFrame Injections

Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.
Engadget

Hackers are hiding virtual credit card skimmers in image file metadata

Lots of people know to check ATMs and gas station credit card readers for skimmers, but it’s harder to tell when virtual ones are hidden them in websites’ payment portals. According to research from ...
ZDNet

Google Photos vulnerability could have let hackers retrieve image metadata

Google has patched a bug in its Photos service that could have allowed a malicious threat actor to infer geo-location details about images a user was storing in their Google Photos account. The attack ...
ZDNet

Credit card skimmers are now being buried in image file metadata on e-commerce websites

Cybercriminals making use of online credit card skimmers continue to improve their attack methods, and this time, malicious code has been found buried in image file metadata loaded by e-commerce ...