Posts tagged ‘Security’
Industry Insights
CVE-2026-41940: Inside the cPanel/WHM Authentication Bypass
By Ronak Dhandha
Security Engineer 2 - Research
May 13, 2026
Introduction Hosting control panels operate with near-total authority over a server: websites, databases, DNS, email, and the account lifecycle are all driven from one place. That privilege makes them a high-value target—when a control-plane bug appears, compromise can extend far beyond a single site. CVE-2026-41940 is a pre-authentication bypass affecting WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared). In practical terms, it lets a remote, unauthenticated attacker reach administrator-level control without supplying valid credentials. Background: What Is cPanel/WHM? cPanel is a widely deployed, Linux-based hosting panel. WHM is the higher-privileged layer used by resellers and server administrators to…
Industry Insights
Compliance: Mapping the Coast Guard’s MTSA Cyber Rule to VersaONE
By Dhiraj Sehgal
Senior Director, Product Marketing
May 12, 2026
Here is how Versa Unified SASE platform translates 33 CFR Part 101, Subpart F into controls for compliance.
Industry Insights
The Ghost in the Leased Line: Unmasking MuddyWater, Surgical Cyber Arm
By Jayesh Gangadas Patel
Principle Threat Researcher, Versa Networks
May 11, 2026
In the high-stakes theater of global geopolitics, the most effective weapons aren’t always missiles; sometimes, they are just few lines of code.
Industry Insights
Identity Is the New Perimeter. Stryker Just Taught Us That the Hard Way.
By Shruti Badami and Prasad T
Security Engineer - Research, and Field CISO
April 2, 2026
A story on how an Iran-linked group wiped tens of thousands of Stryker’s devices A nation-state attack that changes every assumption we had For years, we have treated nation-state threats as a “Tier 1” problem — something reserved for defense contractors and the energy grid. The March 2026 attack on Stryker Corporation by Iran-linked group Handala officially kills that assumption. On March 11, 2026, Stryker’s corporate Microsoft environment was hit. Employees arrived to find their managed devices wiped out overnight through entirely legitimate Intune commands. Handala claimed 200,000+ systems affected; independent reporting confirms that tens of thousands were impacted. Stryker’s…
Research Lab
BrickStorm Malware: Anatomy of a Stealth Linux Backdoor Targeting Modern Infrastructure
By Jayesh Gangadas Patel
Principle Threat Researcher, Versa Networks
February 5, 2026
BrickStorm is a highly stealthy Linux backdoor designed for long-term, targeted cyber-espionage. Brickstorm is closely associated with Cyber Espionage group UNC5221, which is known for exploiting zero-days vulnerability in network edge appliances like Ivanti, F5 and MiTRE breach. Unlike commodity malware, BrickStorm is deployed post-compromise, operates largely in memory, and uses a modular architecture with custom encrypted command-and-control (C2). Its focus on Linux servers, network appliances, and embedded systems reflects a broader trend: attackers increasingly target infrastructure layers where visibility and detection are weakest.
Company Updates
‘Secure by Design’ at Versa: One Year of Progress
By Sunil Ravi
Chief Security Architect, Versa Networks
January 30, 2026
Security is a product decision, not an afterthought. As a further commitment to this principle and as a reflection of our pledge to the CISA Secure by Design goals, over the past year Versa has been putting them into practice across our platform, processes, and programs. Organized below around the seven Secure by Design pledge goals is a summary of the related new capabilities and enhancements we’ve delivered, along with a quick explanation of the importance of the changes.
Company Updates
Versa Featured as a Gartner Peer Insights™ Customers’ Choice for SSE
By Michelle Viray
December 11, 2025
At Versa, we take pride in knowing we’ve truly made a difference for our customers. We are deeply invested in products that solve real problems, not just features on a roadmap, but solutions that help real people do their best work. When customers take the time to share how Versa has helped them transform their organizations, it reminds us why we do what we do.
Product & Engineering
Secure Every Connection: Replacing VPNs with ZTNA to Protect Users, Data, and Applications Everywhere
By Dhiraj Sehgal
Senior Director, Product Marketing
December 11, 2025
How Zero Trust Network Access (ZTNA) replaces VPNs to secure users, data, and applications across cloud, branch, and remote environments.
Research Lab
Versa Threat Research Labs Spotlight – DeskRAT: TransparentTribe’s Latest Weapon for Targeted Espionage
By Shivam Lasiyal
Security Engineer - Research
November 25, 2025
TransparentTribe (also known as APT36), a state sponsored threat actor known for long running cyber espionage against defense and government sectors, has launched a new campaign leveraging a custom Remote Access Trojan (RAT) dubbed DeskRAT. This malware is distributed through phishing emails containing malicious attachments or links that deliver the payload to targeted systems.
Industry Insights
From Breach Fatigue to Resilient Confidence: Why Unified SASE Is the Antidote to Today’s Cybersecurity Stalemate
By Kevin Sheu
VP of Product Marketing
November 17, 2025
Learn how Unified SASE helps enterprises overcome cyber fragmentation, boost resilience, and unify Zero Trust security across hybrid environments.
Subscribe to the Versa Blog
Recent Posts
What Enterprises Are Really Saying About AI Security
By Dan MaierMay 14, 2026
