1,500% Surge in New Malware: Why MSPs Must Act Now

The latest findings from WatchGuard Technologies reveal a stark reality for managed service providers: cyber threats are not only increasing—they’re evolving faster than traditional defenses can keep up.

In its newest Internet Security Report, WatchGuard identified a 1,548% spike in new, unique malware from Q3 to Q4 2025. Nearly one in four threats bypassed signature-based detection, highlighting a critical gap in reactive security models still used across many customer environments.

What the Data Shows

• Evasive malware is surging: Attackers are designing never-before-seen threats to dodge static defenses.
• Encryption hides attacks : 96% of blocked malware was delivered via TLS, making HTTPS inspection essential.
• Endpoints are under pressure: Living-off-the-land techniques and trusted Windows binaries are replacing scripts.
• Ransomware tactics are shifting: Fewer attacks, but higher-value payouts.

According to Corey Nachreiner, Chief Security Officer at WatchGuard, today’s threat landscape has simply outgrown point solutions. MSPs that succeed in 2026 will be those delivering proactive threat intelligence, unified protection, and 24/7 monitoring.

The Opportunity for MSPs

This surge in sophisticated threats is also an opportunity. MSPs who adopt modern defenses—AI-driven detection, EPDR, continuous monitoring, and layered network protection—can reduce client risk, lower support costs, and build long-term trust.

Get the Full Picture

Want to understand how these trends affect your clients and how to stay ahead?

Download the full WatchGuard 2H 2025 Internet Security Report to explore the data, insights, and recommendations shaping the future of MSP cybersecurity.