Afternoon Dessert - 2022-07-05

Welcome to another Afternoon Dessert breakout:

Pro-China Group Uses Dragonbridge Campaign to Target Rare Earth Mining Companies
A pro-China influence campaign singled out rare earth mining companies in Australia, Canada, and the U.S. with negative messaging in an unsuccessful attempt to manipulate public discourse to China's benefit. Targeted firms included Australia's Lynas Rare Earths Ltd, Canada's Appia Rare Earths & Uranium Corp, and the American company USA Rare Earth, threat intelligence firm Mandiant said in a
Read more....

Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild
Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native
Read more....

Canadian cybercriminal pleads guilty to “NetWalker” attacks in US
Bust in Canada, now bust in the USA as well.
Read more....

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms
A widespread software supply chain attack has targeted the NPM package manager at least since December 2021 with rogue modules designed to steal data entered in forms by users on websites that include them. The coordinated attack, dubbed IconBurst by ReversingLabs, involves no fewer than two dozen NPM packages that include obfuscated JavaScript, which comes with malicious code to harvest
Read more....

Microsoft quietly fixes ShadowCoerce Windows NTLM Relay bug
Microsoft has confirmed it fixed a previously disclosed 'ShadowCoerce' vulnerability as part of the June 2022 updates that enabled attackers to target Windows servers in NTLM relay attacks. [...]
Read more....

Google patches “in-the-wild” Chrome zero-day – update now!
Running Chrome? Do the "Help-About-Update" dance move right now, just to be sure...
Read more....

NPM supply-chain attack impacts hundreds of websites and apps
An NPM supply-chain attack dating back to December 2021 used dozens of malicious NPM modules containing obfuscated Javascript code to compromise thousands of downstream desktop apps and websites. [...]
Read more....