WatchGuard Report Shows 1,548% Surge in New Malware, Exposing Gaps in Traditional Security
Event summary
- WatchGuard's biannual threat report reveals a 1,548% spike in new malware from Q3 to Q4 2025.
- 23% of detected malware evaded traditional signature-based detection, qualifying as zero-day threats.
- 96% of blocked malware was delivered over TLS, highlighting visibility gaps without HTTPS inspection.
- Ransomware activity declined 68.42% year over year, but public extortion payments reached record levels.
The big picture
The report underscores the limitations of reactive, signature-based defenses in the face of evolving attack techniques. As malware becomes more sophisticated and evasive, MSPs are increasingly positioned to differentiate by offering proactive, unified security solutions. The shift toward higher-value ransomware attacks and the persistence of network threats highlight the need for layered defenses and continuous monitoring.
What we're watching
- Evasive Malware Trends
  - How the surge in never-before-seen malware will pressure MSPs to adopt behavioral, AI-driven protection.
- Encrypted Threat Delivery
  - Whether organizations without HTTPS inspection will face increasing visibility gaps in malware detection.
- Ransomware Monetization
  - The pace at which attackers shift toward fewer, higher-value ransomware attacks amid declining overall activity.