Posts tagged ‘Threat Intelligence’

Industry Insights May 13, 2026

CVE-2026-41940: Inside the cPanel/WHM Authentication Bypass

Introduction: Hosting control panels operate with near-total authority over a server: websites, databases, DNS, email, and the account lifecycle are all driven from one place. That privilege makes them a high-value target—when a control-plane bug appears, compromise can extend far beyond a single site. CVE-2026-41940 is a pre-authentication bypass affecting WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared). In practical terms, it lets a remote, unauthenticated attacker reach administrator-level control without supplying valid credentials. Background: What Is cPanel/WHM? cPanel is a widely deployed, Linux-based hosting panel. WHM is the higher-privileged layer used by resellers and server administrators to…

Industry Insights May 11, 2026

The Ghost in the Leased Line: Unmasking MuddyWater, Surgical Cyber Arm

In the high-stakes theater of global geopolitics, the most effective weapons aren’t always missiles; sometimes, they are just a few lines of code.

Industry Insights Apr 2, 2026

Identity Is the New Perimeter. Stryker Just Taught Us That the Hard Way.

A story on how an Iran-linked group wiped tens of thousands of Stryker’s devices. A nation-state attack that changes every assumption we had. For years, we have treated nation-state threats as a “Tier 1” problem — something reserved for defense contractors and the energy grid. The March 2026 attack on Stryker Corporation by Iran-linked group Handala officially kills that assumption. On March 11, 2026, Stryker’s corporate Microsoft environment was hit. Employees arrived to find their managed devices wiped out overnight through entirely legitimate Intune commands. Handala claimed 200,000+ systems affected; independent reporting confirms that tens of thousands were impacted. Stryker’s…

Industry Insights Mar 31, 2026

What is Workspace Security?

Learn how Workspace Security, operating within the broader Secure Access Service Edge (SASE) framework, unites advanced security and networking technologies to safeguard users, devices, applications, and data. From enabling Zero Trust principles to incorporating tools like SWG, CASB, ZTNA, DLP, and DEM, explore how Workspace Security helps organizations protect distributed workforces while enabling productivity and collaboration. Discover why Versa is a leader in SASE innovation for modern enterprises.

Product & Engineering Mar 26, 2026

Securing the Modern Browser: How Versa Remote Browser Isolation Protects an AI-Driven Workforce

Remote Browser Isolation (RBI) is a critical defense against zero-day threats, data loss, and unmanaged device risk. Learn how Versa RBI integrates natively with Unified SASE to secure the browser across your enterprise.

AI Thought Leadership Feb 27, 2026

AI-Generated Malware Like VoidLink: Why Architecture, Not Hype, Is the Real Defense — and How Versa SASE Delivers It

Recent reporting on VoidLink, a Linux malware framework reportedly developed almost entirely with the assistance of generative AI, marks a structural shift in the threat landscape. According to coverage in CSO Online, VoidLink’s development cycle, code organization, and modular design strongly suggest AI-assisted creation — compressing what historically required months of coordinated engineering into days of automated iteration. This is where Versa SASE, combined with GenAI usage controls, provides a grounded and enforceable defensive posture.

Research Lab Feb 5, 2026

BrickStorm Malware: Anatomy of a Stealth Linux Backdoor Targeting Modern Infrastructure

BrickStorm is a highly stealthy Linux backdoor designed for long-term, targeted cyber-espionage. BrickStorm is closely associated with the cyber-espionage group UNC5221, which is known for exploiting zero-day vulnerabilities in network edge appliances such as Ivanti and F5, and for the MITRE breach. Unlike commodity malware, BrickStorm is deployed post-compromise, operates largely in memory, and uses a modular architecture with custom encrypted command-and-control (C2). Its focus on Linux servers, network appliances, and embedded systems reflects a broader trend: attackers increasingly target infrastructure layers where visibility and detection are weakest.

Research Lab Dec 16, 2025

React2Shell Vulnerability

React2Shell Remote Code Execution in React Server Components Vulnerability. The bug dubbed React2Shell, comprising two CVEs, namely CVE-2025-55182 and CVE-2025-66478, allows remote unauthenticated users to gain code execution on servers running vulnerable versions of React RSC or Next.js App Router via a single HTTP request.

| MITRE Tactic | ID | Technique Name |
| --- | --- | --- |
| Initial Access | T1109 | Exploit Public-Facing Application |
| Execution | T1059 | Command and Scripting Interpreter |
| Persistence | T1505.003 | Server Software Component: Web Shell |
| Privilege Escalation | T1068 | Exploitation for Privilege Escalation |
| Defense Evasion | T1070.004 | Indicator Removal on Host: File Deletion |

Next.js now powers a massive share of the modern web — millions of production sites,…

Company Updates Dec 4, 2025

Achieve Zero Blind Spots with Versa’s Complete Branch Security that Protects Guest Wi-Fi and Beyond 

Branches are surging back in prominence as hubs for users, applications, and a rapidly expanding IoT ecosystem. In this new branch paradigm, Guest Wi-Fi is no longer a convenience. It’s a non-negotiable requirement across retail, healthcare, hospitality, financial services, and much more. Unfortunately, this shift introduces a new mix of unpredictable user behavior, diverse applications, and thousands of devices to the branch infrastructure. This dramatically increases bandwidth demands and expands the attack surface where guest devices can bring malicious files, launch DNS-based threats, enable data exfiltration, or open compliance and privacy gaps. Industry research shows 70% of performance degradation and…

Research Lab Nov 25, 2025

Versa Threat Research Labs Spotlight – DeskRAT: TransparentTribe’s Latest Weapon for Targeted Espionage

TransparentTribe (also known as APT36), a state-sponsored threat actor known for long-running cyber espionage against defense and government sectors, has launched a new campaign leveraging a custom Remote Access Trojan (RAT) dubbed DeskRAT. This malware is distributed through phishing emails containing malicious attachments or links that deliver the payload to targeted systems.


Versa and CrowdStrike: Stronger Together for Unified Endpoint and Network Security

By Anusha Vaidyanathan
Sr. Director, Product Management
September 29, 2025

Cyber threats today are faster, stealthier, and more adaptive than ever before. Endpoint Detection and Response (EDR) has become a critical line of defense. However, it’s not enough on its own. Network-layer controls must work hand-in-hand with endpoint intelligence to stop attackers before they can move laterally, exfiltrate data, or disrupt operations.

How Hackers Use DNS to Spread Malware, and How Versa DNS Security Stops It

By Shubham Sangle
Product Manager
August 19, 2025

Discover how Versa DNS Security detects and blocks advanced DNS-based threats, including malware hidden in TXT records and DNS tunneling attacks.

Securing IoT and OT Devices with Versa Next-Generation Firewall

By Jon Taylor
Director and Principal of Security, Versa Networks
July 8, 2025

How to secure IoT and OT environments with Versa’s Next-Gen Firewall — offering Zero Trust access, device fingerprinting, micro-segmentation, and threat prevention.

2025 Verizon DBIR Inside: Cybersecurity Trends from 12,000+ Data Breaches

By Sambuj Dhara
Product Analyst
June 9, 2025

Explore the 2025 Verizon DBIR with insights from 12,000+ breaches, highlighting ransomware trends, third-party risks, and BYOD vulnerabilities.

How Networking Improves Your Cybersecurity Posture

By Brad LaPorte
Strategic Advisor
May 20, 2025

Traditionally, networking and security have operated as separate silos within enterprise IT. Networking was focused on providing connectivity, while security was tasked with protecting that connectivity.

AI-Powered SASE: Transforming Threat Detection and Response with VersaAI

By Dhiraj Sehgal
Senior Director, Product Marketing
May 14, 2025

Secure your enterprise with AI-powered Versa SASE that boosts threat detection and response with real-time analytics, behavioral insights, and intelligent security automation for today’s digital landscape.

Securing the Open Source Supply Chain: A Network-Centric Approach

By Rahul Mehta
Product Marketing Analyst
April 15, 2025

The widespread use of OSS — from foundational operating systems like Linux to orchestration platforms like Kubernetes — has enabled rapid development and faster innovation. However, as OSS adoption accelerates with the rise of GenAI tools and platforms, so too does the complexity and risk associated with securing open source software. This blog is intended for IT and security leaders who recognize these challenges and are seeking effective strategies to address them.

Versa Achieves Exceptional Results in CyberRatings.org SSE Threat Protection and ZTNA Tests 

By Dan Maier
Chief Marketing Officer, Versa Networks
October 24, 2024

In the crowded landscape of cloud-delivered Security Service Edge (SSE), relying on vendor claims of performance and security can often lead to disappointment. Increasingly, enterprises are seeking actual test results to validate the solutions they are considering.

ISACA Survey Points to Growing Threats and Lack of Automation 

By Kevin Sheu
VP of Product Marketing
October 14, 2024

This latest survey is more confirmation that an oft-mentioned reality continues to be true – that the nature of threats keeps advancing and organizations frequently find themselves falling further and further behind. Far and away, the top reason given for increased stress isn’t low budgets or lack of training or failure of company leadership to prioritize security – even though these are among the reasons cited – it’s the “threat landscape is increasingly complex,” listed by 81 percent of respondents, nearly double the next-closest response.

Comprehensive Threat Defense: How Versa Uses the MITRE ATT&CK Framework for Threat Detection and Response

By Anusha Vaidyanathan
Sr. Director, Product Management
September 12, 2024

Versa Advanced Threat Protection (ATP) is a comprehensive cybersecurity solution designed to protect organizations from sophisticated threats across various vectors. Versa’s ATP detection reports are mapped directly to the MITRE ATT&CK framework, providing security teams a fingerprint of attacks, which can then be used for attribution to known adversaries, incident response, simulation attacks, and other security measures.

