Two malicious VS Code extensions have exfiltrated code snippets, API keys, and proprietary algorithms from 1.5 million ...

Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.