Galileo Threat Research | DataDome

Filter

All

Threat Research

Reports

Press

DataDome

Threat research

Attacks on Sports-Betting Platforms Ramp Up Amid 2026 FIFA World Cup

DataDome

Threat research

Introducing Proof of Browser: How DataDome Blocked 14 Million Bypass Attempts

DataDome

Threat research

How Browser Vendors Are Quietly Making Automation Harder to Detect

DataDome

Threat research

How DataDome Stopped a 2.45B-Request DDoS Attack Against a High-Traffic Content Platform

DataDome

Threat research

How Chrome’s New AI Web APIs Are Enabling Hardware Fingerprinting

DataDome

Threat research

How DataDome Blocked an 80M-Request Scraping Attack on a Leading Review Platform

DataDome

Threat research

The AI Traffic Report: High Volume, Low Visibility, and a Growing Risk

DataDome

Threat research

Inside Kimwolf Traffic: How Residential Proxies Fuel Credential Stuffing, Web Scraping, & Fraud

DataDome

Threat research

How Threat Actors Turned OpenClaw Into a Scraping Botnet

DataDome

Threat research

Scarcity in DDR5 RAM Fueled by AI Demand Sparks Massive Scalping Surge

DataDome

Threat research

The AI Agent Identity Crisis: 80% of Agents Don’t Properly Identify Themselves, 80% of Sites Don’t Verify

February 26, 2026

DataDome

Threat research

Double Agents: Attackers Abusing Identity by Weaponizing AI Agents

February 9, 2026

DataDome

Threat research

When Surging AI Referral Traffic is Actually Bad Bots

February 5, 2026

DataDome

Threat research

How DataDome Stopped Millions of Ticket Scalping Bots Targeting a Global Sports Organization

February 2, 2026

DataDome

Bot & fraud protection

135% Surge: Inside the Holiday Bot Attacks of December 2025

January 8, 2026

DataDome

Agent trust management

The Great Masquerade: How AI Agents Are Spoofing Their Way In

December 11, 2025

DataDome

Bot & fraud protection

The End of Fingerprinting As We Know It: How Browser Privacy Protections Are Reshaping Bot Detection

December 4, 2025

DataDome

Bot & fraud protection

Size ≠ Security: Bigger Businesses Still Fail at Bot Protection

November 24, 2025

DataDome

Bot & fraud protection

Security Alert: Retailers Brace for a Wave of Fake Shoppers This Black Friday

November 18, 2025

DataDome

Agent trust management

From Bots to Buyers: With Agentic AI, Bot Management Becomes Core Infrastructure

November 13, 2025

DataDome

Bot & fraud protection

Which Industries Are Most & Least Protected from Bad Bots & Unwanted AI Traffic in 2025

October 30, 2025

DataDome

Bot & fraud protection

How the AI Traffic Surge Is Redefining Digital Trust in 2025

October 14, 2025

DataDome

Bot & fraud protection

The Web’s Bot Problem Isn’t Getting Better: Insights From the 2025 Global Bot Security Report

September 30, 2025

DataDome

Threat research

Beyond robots.txt: Exposing the Cracks in AI Agent Policy Enforcement

September 16, 2025

authenticating ai agents

Threat research

Signed, Sealed, and Delivered: The Case for Authenticating AI Agents

August 20, 2025

behavioral detection

Bot & fraud protection

How DataDome Blocked 214M+ Malicious Requests With Server-Side Behavioral Detection

August 11, 2025

DataDome

Threat research

Detecting & Authenticating ChatGPT Agent: A New Standard for Bot Management

DataDome

Bot & fraud protection

How Proxy Providers Obtain Residential Proxies

credential stuffing

Threat research

How DataDome Protected a Global Fintech Platform From a Week-Long Credential Stuffing Attack

llm crawlers

Threat research

AI Agents at the Gate: Understanding & Securing Against LLM Crawlers

Alert: Security Gaps Allow Bots to Exploit UK Driving Test Booking System

Threat research

Alert: Security Gaps Allow Bots to Exploit UK Driving Test Booking System

DataDome

Bot & fraud protection

How DataDome Instantly Blocked a 28M-Request Flash DDoS Attack For a $3B E-Commerce Leader

2025 Tax Season Security Alert

Threat research

Security Alert: Tax Season Brings Increased Risk of Credential Stuffing Attacks

How DataDome Defended a Marketplace with 90 Million Users from Flash DDoS Attacks

Bot & fraud protection

How DataDome Defended a Marketplace with 90 Million Users from Flash DDoS Attacks

February 13, 2025

Super Bowl betting under attack: weak security puts users and winnings at risk

Bot & fraud protection

Super Bowl Betting Under Attack: Weak Security Puts Users & Winnings at Risk

February 4, 2025

Why The Rise of AI Agents Demands a New Approach to Fraud Prevention

Threat research

Why The Rise of AI Agents Demands a New Approach to Fraud Prevention

January 27, 2025

NYC Restaurant Week Security Alert

Bot & fraud protection

Security Alert: Bots Target NYC Restaurant Week

January 21, 2025

DataDome

Learning center

Genetic Algorithms: Using Natural Selection to Block Bot Traffic

November 21, 2024

DataDome

Threat research

Security Alert: Fake Accounts Threaten Black Friday Gaming Sales

November 18, 2024

DataDome

Learning center

Terrifying Trends in the 2024 Cyber Threat Landscape

October 31, 2024

DataDome

Threat research

The Evolution of Automated Browser Detection: A Cat & Mouse Game

October 17, 2024

DataDome

Learning center

Less Than 5% of Advanced Bots Blocked: Insights from the 2024 Global Bot Security Report

October 11, 2024

DataDome

Learning center

E-Commerce Protection Lags Behind: Insights from the 2024 Global Bot Security Report

October 4, 2024

DataDome

Bot & fraud protection

How DataDome Protected Grocery Chains from a Mobile App Credential Stuffing Attack

September 26, 2024

DataDome

Bot & fraud protection

How DataDome Protected a US News Website from a 12-Hour DDoS Attack

September 19, 2024

DataDome

Threat research

Global Bot Security Report Findings: 2 in 3 Websites Are Unprotected

September 17, 2024

DataDome

Threat research

Comparing Anti-Detect Browsers & Bots-as-a-Service

September 10, 2024

Security Alert: U.K. Political Donation Sites at Risk

Bot & fraud protection

Security Alert: U.K. Political Donation Sites at Risk

August 21, 2024

Security Alert: U.S. Political Donation Sites at Risk

Bot & fraud protection

Security Alert: U.S. Political Donation Sites at Risk

August 20, 2024

DataDome

Bot & fraud protection

How DataDome Protected an American Luxury Fashion Website from Aggressive Scrapers

How DataDome Protected a Cashback Website from an Aggressive Credential Stuffing Attack

Bot & fraud protection

How DataDome Protected a Cashback Website from an Aggressive Credential Stuffing Attack

The State of Bots 2024 Changes to the Bot Ecosystem

Threat research

The State of Bots 2024: Changes to the Bot Ecosystem

How DataDome Detects Puppeteer Extra Stealth

Threat research

How DataDome Detects Puppeteer Extra Stealth’s iframe Evasion

DataDome

Bot & fraud protection

How DataDome Protected an Event Ticketing Platform from a Distributed Fake Account Creation Attack

Proxies as a Service How to Identify Proxy Providers via Bots as a Service

Threat research

Proxies as a Service: How to Identify Proxy Providers via Bots as a Service

How New Headless Chrome & the CDP Signal Are Impacting Bot Detection

Threat research

How New Headless Chrome & the CDP Signal Are Impacting Bot Detection

How DataDome Protects AI Apps from Prompt Injection & Denial of Wallet Attacks

Bot & fraud protection

How DataDome Protects AI Apps from Prompt Injection & Denial of Wallet Attacks

How GenAI Uses Retrieval Augmented Generation & What It Means for Your Business

Learning center

How GenAI Uses Retrieval-Augmented Generation & What It Means for Your Business

How DataDome Protected an E Learning Platform from a Massive DDoS Attack

Bot & fraud protection

How DataDome Protected a Leading E-Learning Platform from a Massive DDoS Attack

How DataDome Protected a Major Asian Gaming Platform from a 3 Week, Distributed Credential Stuffing Attack

Bot & fraud protection

How DataDome Protected a Major Asian Gaming Platform from a 3-Week, Distributed Credential Stuffing Attack

How DataDome’s Anti DDoS Mode Protected a Leading US News Website

Bot & fraud protection

How DataDome’s Anti-DDoS Mode Protected a Leading US News Website

The Art of Bot Detection How DataDome Uses Picasso for Device Class Fingerprinting

Bot & fraud protection

The Art of Bot Detection: How DataDome Uses Picasso for Device Class Fingerprinting

February 8, 2024

Antoine Vastel, How Google Bard Utilizes Your Business’ Content (for free)

Learning center

How Google Bard Utilizes Your Business’ Content (For Free)

November 29, 2023

Antoine Vastel, What You Need to Know About the New Bing GPT Integration

Learning center

What You Need to Know About the New Bing GPT Integration

November 2, 2023

Anatomy of a Distributed Scraping Attack

Learning center

Anatomy of a Distributed Scraping Attack

September 28, 2023

How ChatGPT Plugins Work, Antoine Vastel

Learning center

How ChatGPT Plugins Work & What They Mean for Your Business

DataDome

Bot & fraud protection

How ChatGPT & OpenAI Might Use Your Content, Now & in the Future

DataDome

Bot & fraud protection

How to Detect Attacks Using Coarse-Grained Features

How OpenBullet is used to attack websites and how to stop it

Bot & fraud protection

How OpenBullet Is Used To Attack Websites & How To Block It

DataDome

Bot & fraud protection

How to Identify Suspect Temporal Patterns in Traffic Data

DataDome

Bot & fraud protection

How to CAPTCHA Confidence: DataDome’s CAPTCHA Results Prove Promising

Detecting Scraping Attacks

Bot & fraud protection

How to Detect Web Scraping Attacks

February 14, 2023

E Commerce Holiday Bot & Fraud Report, Antoine Vastel

Bot & fraud protection

DataDome’s Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the US as the Top Source of Bot Attacks

February 7, 2023

Bots Evolving Todays Top Threats

Bot & fraud protection

How Bots Are Evolving—Today’s Top Threats

January 30, 2023

Is PhantomJS dead? How to detect PhantomJS made browsers.

Bot & fraud protection

Is PhantomJS dead? Detecting PhantomJS headless browsers.

January 17, 2023

How to Monitor ML Models Without Labels

Bot & fraud protection

How to Monitor ML Models Without Labels

January 5, 2023

How to Outsmart Scalping

Bot & fraud protection

How to Outsmart Scalping—A Never-Ending Saga

December 8, 2022

Label Engineering for Supervised Bot Detection Models

Bot & fraud protection

Label Engineering for Supervised Bot Detection Models

December 1, 2022

Detecting Selenium Chrome

Bot & fraud protection

Detecting Selenium Chrome

November 22, 2022

Stopping Bots With Sliceline Machine Learning Antoine D

Bot & fraud protection

How to Stop Bots With Sliceline Machine Learning

November 3, 2022

5 Scariest Bot Attacks of 2022

Bot & fraud protection

5 Scariest Bot Attacks of 2022, Blocked by DataDome

October 31, 2022

ISP Proxies What and Why Antoine V

Bot & fraud protection

What are ISP proxies and why do bot operators love them?

October 18, 2022

TLS Fingerprinting DataDome Protection Omar

Bot & fraud protection

How TLS Fingerprinting Reinforces DataDome’s Protection

October 4, 2022

Using Sliceline to Spot ML Model Errors – Antoine de Daran

Using Sliceline to Spot ML Model Errors

September 27, 2022

https://datadome.co/wp content/uploads/2022/08/Evolution of Bots Forging CAPTCHAs – Antoine Vastel.png

Bot & fraud protection

The Evolution of Bots Forging CAPTCHAs, a Firsthand Report

August 22, 2022

How Attackers Find Use Free Proxies – Antoine Vastel

Bot & fraud protection

How Attackers Find & Use Free Proxies

DataDome Open Sources Machine Lerning Package Sliceline – Antoine de Daran

Bot & fraud protection

DataDome Open-Sources Its First Machine Learning Package: Sliceline

Bot Proxy Landscape 2022 – Antoine Vastel

Bot & fraud protection

Bot Proxy Landscape in 2022

Tale of Heavily Distributed Credential Stuffing Attack – Antoine Vastel

Bot & fraud protection

The Tale of a Heavily Distributed Credential Stuffing Attack

ML to Detect Residential Proxies – Antoine Vastel

Bot & fraud protection

How to Use Machine Learning to Detect Residential Proxies

Client Side Signals_ A Must Have for Detecting Sophisticated Attacks – Antoine Vastel

Bot & fraud protection

Why Client-Side Signals are a Must-Have for Detecting Sophisticated Attacks

Inside a Sneaker Bot Business – Antoine Vastel

Threat research

Inside a Sneaker Bot Business

Bot SOC Team FAQ

Bot & fraud protection

How does DataDome’s bot SOC team work?

Puppeteer Extra Plugin Stealth – Antoine Vastel

Bot & fraud protection

Detecting Headless Chrome’s Puppeteer Extra Stealth Plugin with JavaScript Browser Fingerprinting

Tracking Modified Selenium ChromeDriver, Antoine Vastel

Bot & fraud protection

Tracking Modified Selenium ChromeDriver

February 24, 2022

Head of Research Antoine Vastel, PhD–DataDome Q&A

Meet Our Head of Research: Q&A With Antoine Vastel, PhD

February 17, 2022

BaaS_ Secret Weapon Distributed Scraping – Antoine Vastel

Bot & fraud protection

BaaS: The Secret Weapon for Heavily Distributed Scraping

February 7, 2022

Lead Data Scientist Konstantina Kontoudi, PhD–DataDome Q&A

Meet the Woman in Charge of Data Science at DataDome: Q&A With Konstantina Kontoudi, PhD

January 25, 2022

DataDome

Learning center

Log4Shell: What have we learned about the Log4j vulnerability so far?

December 17, 2021

DataDome

Threat research

How Facebook Was Used as a Proxy by Web Scraping Bots

November 5, 2020

Forrester Wave: Bot & Agent Trust Management Software 2026

The Forrester Wave™: Bot And Agent Trust Management Software, Q2 2026

DataDome

The Future of Search and Discovery for Agentic Commerce

January 13, 2026

DataDome

2025 Global Bot Security Report

September 30, 2025

DataDome

The Forrester Wave™: Bot Management Software, Q3 2024

November 7, 2024

DataDome

2024 Bot Security Report

October 29, 2024

DataDome

Memory scalpers hunt scarce DRAM with bot blitz

DataDome

80 percent of retail sites vulnerable to AI agent spoofing

February 23, 2026

DataDome

The New Shopper Isn’t Human

January 26, 2026

DataDome

The $9 Trillion Blind Spot: Why Most E-Commerce Leaders Are Unprepared For AI Agent Traffic

January 13, 2026

DataDome

The AI bots weaponizing Black Friday shopping: now there’s a new one to watch!

November 25, 2025

DataDome

AI-driven fake shoppers target Black Friday retailers

November 18, 2025

DataDome

AI Agents Present New Risks & Most Sites Aren’t Ready

November 3, 2025

DataDome

Why some publishers are flipping their position on whether to block AI bots

October 16, 2025

DataDome

Can AI replace your morning newsletter? OpenAI is betting on it

October 7, 2025

DataDome

Besting The Bots: Most Publishing Firms Are Failing At Detection

October 1, 2025

DataDome

DataDome’s 2025 Global Bot Security Report Exposes the AI Traffic Crisis

September 30, 2025

DataDome

AI Crawlers Are Reshaping the Web—And DataDome Is Drawing the Line

DataDome

Learner drivers face six-month wait for a test and spiralling costs as backlog hits record high

DataDome

Scalper Bots Fueling DVSA Driving Test Black Market