Cyber Incident Victim: Versa Networks
Date: Apr 2025
Location: United States of America
Summary
Versa Networks disclosed a cybersecurity incident affecting a non‑production environment used for limited quality‑assurance testing, validation sandboxes and development workspaces, stating that no customer or employee data were present. The company said it launched an investigation, removed the malicious actor and blocked any further unauthorized activity, and that its inquiry confirmed the breach was confined to the test environment with no impact on production systems or data. According to reports and RansomLook.io, the intrusion was carried out by an actor associated with the extortion group Silent, which is described as a spin‑off of Hunters International, and a Silent administrator warned that large IT firms would soon appear on the group’s leak site and reconsider their stance on payment.
Description
Versa Networks, a provider of Secure Access Service Edge (SASE) solutions, disclosed on April 1, 2025 that it had become aware of a cybersecurity incident affecting one of its non‑production environments. The affected environment was described as being used for a limited set of quality‑assurance test beds, validation‑of‑concept installations, and development sandboxes. Versa Networks emphasized that this environment did not contain any customer data or personal information of any kind. The company stated that, upon learning of the incident, it immediately launched an investigation.

As part of its response, Versa Networks removed the malicious actor from its systems and took steps to exclude any further unauthorized activity on the network. The company’s investigation concluded that the incident was confined to the non‑production environment and had not impacted its production systems, customer data, or employee information. Versa Networks affirmed that no client or employee information was compromised as a result of the attack. The firm also noted that it had verified that the attacker had been eradicated from the affected environment.

According to information gathered by LeMagIT and corroborated by RansomLook.io, the threat actor behind the attack is linked to the emerging ransomware group Silent, which is described as a spin‑off of the Hunters International collective. A representative of Silent told the publication that large IT companies would soon appear on the group’s blog and that they already know the volume and type of data the group possesses, adding that those companies might reconsider their stance on payment. The article does not provide further details about the specific tactics, techniques, or procedures used in the intrusion beyond the compromise of the non‑production test environment.
