Ghost Tap & PhantomCard: The haunted frontier of fraud

Around the world, banks and payment processors are reporting an explosion of mysterious tap-to-pay transactions happening nowhere near real cardholders. The European Association for Secure Transactions (EAST), for instance, has tracked a 1,500% surge in these relay-based attacks over the past year, with incidents stretching from Santiago to Singapore.

Elevating public sector cyber defense with AI-powered threat hunting

Public sector organizations face sophisticated, persistent threats — 38% of public sector organizations say their cyber resilience is insufficient compared to 10% of medium to large private businesses. With sensitive data and critical infrastructure at stake, agencies need tools that enable proactive detection and rapid investigation, all while keeping data inside a secure boundary.

Managing False Positives in Multi-Client MSSP WAF Deployments

Managing Web Application Firewall (WAF) rules across multiple clients is one of the most critical yet challenging tasks for MSSPs. While WAFs are essential for blocking malicious traffic and protecting applications, overly aggressive rules can trigger false positives, blocking legitimate requests and disrupting client operations. For MSSPs, false positives can lead to operational inefficiencies, client dissatisfaction, and even revenue loss.

WatchGuard Named a Leader in the 2025 SPARK Matrix for NDR

WatchGuard has been named a Leader in the 2025 SPARK Matrix: Network Detection & Response (NDR) by QKS Group, recognizing our continued focus on delivering advanced, accessible, and high-impact security for midsize enterprises and managed service providers. The SPARK Matrix report delivers a detailed analysis of the global NDR landscape, evaluating vendors across technology excellence and customer impact.

The Return of the Invisible Threat: Hidden PUA Unicode Hits GitHub repositories

It wasn’t long ago that we uncovered compromised extensions on Open VSX. Now, a new wave of attacks is emerging, and all signs point to the same threat actor. The technique will sound familiar: hidden malicious code injected with invisible Unicode Private Use Area (PUA) characters. We first saw this trick back in March when npm packages used PUAs to conceal payloads. Then came Open VSX. Now, the attacker seems to have turned their sights on GitHub, and their methods are evolving.

The Blueprint: How MSSPs Can Build a Profitable Pentest-as-a-Service (PtaaS) Offering

The latest 2025 Verizon Data Breach Investigations Report (DBIR) reveals a striking shift: exploitation of vulnerabilities has surged to become the initial access vector in approximately 20% of breaches, a 34% increase over the prior year. In an environment where cyber threats evolve faster than patch cycles, enterprises no longer view penetration testing as a checkbox exercise.

The researcher's desk: CVE-2025-20362

Welcome to The researcher’s desk – a content series where the Detectify security research team will conduct a technical autopsy on vulnerabilities that are particularly interesting, complex, or persistent. The goal here is not to report the latest research (for which you can refer to the Detectify release log); it is to take a closer look at certain vulnerabilities, regardless of their disclosure date, that still offer critical lessons.

What You Need to Know about the Gmail Data Breach

As the foremost email storage and communications platform, Gmail’s free web-based services have penetrated every market and niche. Billions of people and organized groups depend on the company to provide email storage, organization, and integration. Given its central role in almost everyone’s life, users expect its security measures to be of the highest caliber. Unfortunately, the corporation was recently the victim of a data breach.

Why Small Businesses Are Prime Targets for Hackers

Small businesses are prime targets because attackers can scale low-effort techniques across thousands of similar environments, while many SMBs lack full-time security staff and mature controls. New data shows SMBs are targeted far more often than large organizations, and reported cybercrime losses climbed to 16.6 billion dollars in 2024. Strong identity, basic hardening, and regular validation reduce the risk fast.