Archive for January 23, 2026

Powerful “Stanley” browser-based MaaS guarantees Chrome Store approval 

Posted in Commentary with tags on January 23, 2026 by itnerd

Varonis has uncovered a powerful new proof-of-concept MaaS toolkit called “Stanley” which is actively promoted on Russian cybercrime forums. Stanley follows recent, widespread browser-based attacks such as DarkSpectre and CrashFix, suggesting active interest in exploiting this attack vector.

What sets Stanley apart:

  • A turnkey MaaS for browser-based attacks. Attackers get an array of tools at their fingertips. After quietly infecting victims, it uses real Chrome notifications to redirect to spoofed sites while leaving genuine URLs intact.
  • Low cost. Stanley starts at 2,000 USD, and for a few thousand more, it’s guaranteed to pass Google’s review process. Its low price point places it within reach of everyone from solo scammers to organized crime groups.
  • Chrome seal of approval. Stanley masquerades as a humble note-taking browser extension (“Notely”) that’s approved and available for download in the Chrome Web Store.

According to researcher and author Daniel Kelley:

“Extensions that do something useful while hiding malicious functionality are hard to spot. They pass store reviews, they work as advertised, and users have no reason to question them. The permissions needed for legitimate features are often the same ones needed to steal credentials or hijack sessions. Only install extensions you actually need, and regularly audit your browser to remove any you’re no longer using.”

Varonis just published a report on this: Stanley — A $6,000 Russian Malware Toolkit with Chrome Web Store Guarantee

Samsung Canada Launches 11th Annual Solve for Tomorrow Contest

Posted in Commentary with tags on January 23, 2026 by itnerd

Samsung Electronics Canada Inc. has announced the launch of the 2025/2026 Solve for Tomorrow Contest, a nationwide initiative challenging Canadian students in grades 6–12 to use STEM (Science, Technology, Engineering and Math) to develop real-world solutions that make a meaningful impact in their communities.

Canadian youth are eager to develop STEM skills, yet classrooms are not resourced to support them in a meaningful way. Solve for Tomorrow aims to address this gap by creating hands-on, applied experiences that help students develop the skills they need for the future.

State of STEM in Canada: Data Snapshot 

  • 98 per cent of Canadians say it is important for youth to develop STEM skills 
  • Only 40 per cent believe schools have the resources to prepare students for STEM careers, with nearly two in three expressing that schools are not well equipped with the tools needed 
  • 90 per cent say hands-on experiences spark student interest in STEM*

Now in its 11th year, Samsung’s Solve for Tomorrow offers a unique opportunity for youth to engage further with STEM concepts. The contest has reached over 40,000 students across Canada and contributed more than one million dollars in technology and grants to empower future leaders through innovation. 

Even as career pathways expand, many young people face hard limits on access. 40 per cent of Canadians feel schools are not well equipped to provide youth with the tools and knowledge needed for future careers, while 47 per cent of Canadians point to the cost of higher education as the biggest barrier to pursuing STEM studies.* Concerns around confidence, inclusivity, and equitable access compound the challenge, narrowing the number of students who feel able to participate in these fast-growing fields. 

Solve for Tomorrow encourages students to explore STEM in new ways by offering a challenge that sparks creativity and real-world problem-solving.  

Canadians are calling for applied STEM and AI education that connects classrooms with real-world problem solving. 89 per cent of Canadians support partnerships that make STEM education more practical, and many see them as essential preparation for future careers.* 

Designed to put a spotlight on STEM, the Solve for Tomorrow contest will help do the following: 

  • Integrate STEM with practical real-world applicability, helping to create long-term educational impact 
  • Inspire diverse student participation, helping to highlight opportunity gaps in STEM education 
  • Accelerate community-led problem solving, challenging students to turn local insights into broader solutions 

Key Highlights  

The annual competition is designed to foster STEM-based innovation to solve real-world problems. 

  • Who: Canadian students in grades 6-12 (teachers submit applications on their behalf). 
  • When: Teachers can register their teams’ interest and learn more about the program, with opportunities for early recognition and prizes, through submitting via this link. The official submission period for student-written applications will open on January 12, 2026.  

Prizes:   

  • Eight finalist schools will each receive a $5,000 E-Voucher (taxes not included) that they can use towards the purchase of Samsung technology.  
  • The top three winning schools will be awarded a $50,000 (first place), $20,000 (second place), and $10,000 (third place) E-Voucher (taxes not included) that they can use towards the purchase of Samsung technology. An additional $5,000 will be given to the Fan Favourite winner.  

*Disclaimer:  
Based on a 2025 randomized quantitative online survey conducted by Edelman Public Relations Worldwide Canada Inc. of 1,510 individuals across Canada comprised of adults who are 18+, 390 parents of children under the age of 18, and 259 elementary school educators/professionals. 

Attackers Reverse‑Engineer Patch to Exploit SmarterMail Admin Bypass in the Wild 

Posted in Commentary with tags on January 23, 2026 by itnerd

It is being reported that a critical authentication bypass vulnerability in SmarterTools SmarterMail is actively being exploited in the wild by attackers. 

We did not plan to publish this blog post today – Wednesdays are meme days – but that changed when an anonymous reader reached out to us with a tip – somebody is currently exploiting SmarterMail and resetting admin passwords.

This same reader was kind enough to point us to a seemingly related SmarterMail forum thread, where a user is claiming that they cannot access their admin account anymore and provided log file excerpts of potentially related and suspicious behaviour.

Commenting on this news is Martin Jartelius, AI Product Director at Outpost24:

“This incident highlights a growing reality in cybersecurity: the real risk often starts after a patch is released. Zero-day vulnerabilities are difficult to defend against, but once a fix becomes public, attackers quickly reverse-engineer it to understand and weaponize the flaw. What used to take weeks now takes days, or even hours, especially with logic-based vulnerabilities like this one, where exploitation requires little sophistication. The defender’s only advantage is speed. Organizations need immediate visibility into what software is running in their environment and the ability to map new vulnerability intelligence against it in real time. When attackers can move from patch to exploit in hours, rapid awareness and response are critical.”

This illustrates how crafty the bad guys can be, which means you need to be on top of patching all the things so that attackers don’t have an advantage over you.

149M harvested credentials exposed in data breach 

Posted in Commentary with tags on January 23, 2026 by itnerd

Cybersecurity researcher Jeremiah Fowler recently discovered a non-password-protected database containing over 149 million unique credentials. These records were collected from victims of malware worldwide and include everything from social media and streaming services to sensitive financial logins.

In a few words, the publicly accessible database:

  • Exposed 149,404,754 unique logins and passwords (96GB of raw data);
  • Revealed user credentials for major platforms (including Facebook, Instagram, TikTok, X, dating sites, and OnlyFans, affecting both creators and customers);
  • Included high-risk financial credentials (such as crypto wallets, trading services, and banking logins).

Because this data was likely collected by malicious third parties, there is a heightened risk of widespread credential-stuffing attacks, identity theft, and financial fraud. 

Jeremiah published his detailed findings on the ExpressVPN blog here: https://www.expressvpn.com/blog/149m-infostealer-data-exposed/

UPDATE: I have commentary on this, starting with Paul Bischoff, Consumer Privacy Advocate at Comparitech:

“The data is a gold mine for cybercriminals launching credential stuffing attacks. Cybercriminals can use stolen username and password combinations to log into a wide array of accounts under the assumption that many people use the same password across multiple accounts. This process is automated, so a hacker can attempt to use a single set of credentials across dozens or even hundreds of accounts in a matter of seconds.

This data exposure highlights the importance of setting unique passwords and using two-factor authentication when available. If you don’t reuse passwords, then you are immune to credential stuffing attacks. Even if a cybercriminal tries to log into your account with the correct password, two-factor authentication will prevent them from doing so in the vast majority of attacks.”

Chris Hauk, Consumer Privacy Champion at Pixel Privacy:

“The report indicates the harvested login credentials were the results of “Keylogger” and other types of “infostealer” malware, which underscores the need for computer users to run antivirus and anti-malware protection on their machines. Whether they use Windows or macOS, there are risks to not keeping your machine safe by running security apps in the background.

The exposure of such a huge number of credentials poses a significant risk to users that are not aware of the breach and to what extent they are exposed. While it may be too soon to have this information included in the “HaveIBeenPwned” (https://haveibeenpwned.com/) website’s extensive database, I still strongly recommend that users visit the site and enter their email address(es) to determine whether their information has been exposed in previous data breaches. I also recommend that they take advantage of the website’s option to notify them when their email address is exposed in future data breaches.

Last but not least, everyone should use a password manager. In addition to keeping track of login information for multiple sites, password managers often offer warnings about password reuse or if a login has been exposed in a breach. This makes it easy to guard against password reuse, and to update passwords when they need to be changed.”