Kaspersky detected half a million malicious files daily in 2025

Kaspersky’s detection systems recorded an average of 500,000 malicious files every day in 2025, reflecting a 7% rise compared to 2024. Several threat categories also saw sharp global increases: password stealers surged by 59%, spyware detections climbed by 51%, and backdoor detections increased by 6%. These insights come from the latest Kaspersky Security Bulletin, which reviews the key cybersecurity trends shaping the past year.

Windows users remained the most targeted group in 2025, with 48% encountering different types of cyberthreats. Among Mac users, 29% faced attempted attacks.

Global Web Threats on the Rise
Web-based attacks—malware that activates or spreads during online activity—affected 27% of users globally in 2025. While ultimately connected to Internet use, these threats can also be triggered offline if they rely on online components at any stage. Regionally, 26% of users in Latin America were targeted by web threats, followed by 25% in Africa, 21% in Europe and 19% in the Middle East.

On-Device Threats Increase, Especially in Africa
On-device threats—malware introduced through USB drives, CDs, DVDs, or bundled within complex installations—affected 33% of global users. Africa recorded the highest exposure, with 41% of users encountering such threats. APAC followed with 33%, the Middle East with 32%, Latin America with 30%, and Europe with 20%.

Speaking on the increasingly complex cyberthreat landscape, Alexander Liskin, Head of Threat Research at Kaspersky, highlighted the return of the Hacking Team—rebranded in 2019—and its use of the Dante spyware in the ForumTroll APT campaign. Many attacks continue to exploit vulnerabilities in corporate systems, with stolen credentials emerging as another major entry point. Liskin also noted a significant rise in supply chain attacks, including those targeting open-source software. This year even saw the first widespread NPM worm, Shai-Hulud. He warned that without strong cybersecurity measures, organisations risk extended downtime following an intrusion, and individual users may expose both their personal data and their workplace to danger.

More insights from the Kaspersky Security Bulletin can be found through the provided link.

Recommendations for Staying Safe

For Individual Users:

• Avoid downloading or installing apps from untrusted sources.
• Do not click on links from unknown senders or suspicious advertisements.
• Use two-factor authentication and create strong, unique passwords. A reliable password manager can help keep track of them.
• Install system and software updates as soon as they are available.
• Never disable security systems, even if prompted.
• Use a reliable security solution suited to your devices, such as Kaspersky Premium.

For Organisations:

• Keep all software updated to minimise vulnerabilities that attackers could exploit.
• Avoid exposing remote desktop tools (like RDP) to public networks; if necessary, ensure they are protected by strong passwords.
• Use advanced security solutions such as Kaspersky Next for full visibility across corporate infrastructure and rapid response to sophisticated threats.
• Rely on up-to-date Threat Intelligence to stay informed about attackers’ tools and techniques.
• Back up corporate data regularly and ensure backups are isolated from operational networks for emergency access.

As cyberthreats grow more sophisticated, both individuals and organisations must remain vigilant and adopt robust security measures to safeguard their digital environments.