Even Internet Explorer 7 has gotten in on the PNG transparency act, which means designers can take advantage of sophisticated things like gradients or faded images. But there’s one problem.

Researchers have discovered a relatively new way to distribute malware that relies on reading malicious obfuscated JavaScript code stored in a PNG file’s metadata to trigger iFrame injections.

This project creates a plug-in to render JPEG (JPG) and PNG images from vectors just like the back-end process except it does so in JavaScript on the client. Modern Mobile App platforms and browsers ...