Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.

All JavaScript programming happens in an environment like a web browser, Node, or Bun.js. Each of these environments has its own set of pre-defined variables like window and console.

Nowadays JavaScript has three different keywords to declare a variable — var, let and, const. Each has its own properties and particularities. Let’s start by making a simple comparison table ...