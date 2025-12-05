Kaspersky’s detection systems discovered an average of 500,000 malicious files per day in 2025, marking a 7% increase compared to the previous year. Certain types of threats saw growth globally.

For instance, there was a 59% surge in password stealer detections, a 51% growth in spyware detections, and a six per cent growth in backdoor detections compared to 2024.

These findings are part of the Kaspersky Security Bulletin series, where the company reviews the key cybersecurity trends of the past year.

According to the bulletin, Windows remains the primary target for cyberattacks. 48 per cent of Windows users were targeted by different threats throughout 2025.

In comparison, the figure stands at 29 per cent for Mac users. Globally, 27 per cent of users were attacked with web threats – these refer to malware that targets users when they are online. Web threats are not limited to online activity, but ultimately involve the internet at some stage to inflict harm.

In Latin America, 26 per cent of users were attacked by web threats in 2025, while this share reached 25 per cent in Africa, 21 per cent in Europe and 19 per cent in the Middle East. 33% of users were attacked with on-device threats.

These include malware spread via removable USB drives, CDs, and DVDs, or that initially makes its way onto the computer in non-open form (for example, programs in complex installers, encrypted files, etc.).

Africa led the ratings, with 41 per cent of users attacked by this type of threat; APAC reached 33 per cent, the Middle East 32 per cent, Latin America 30 per cent, and Europe 20 per cent.

Alexander Liskin, Head of Threat Research at Kaspersky, said:“Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials – hence the rise in password stealers and spyware we see this year. Supply chain attacks are also common, including attacks on open-source software.

This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud.” “This increasingly complex threat landscape makes implementing robust cybersecurity strategies vital for organisations, as failure to do so can lead to months of downtime in the event of attacks.

Individual users should also always use reliable security solutions, otherwise they put not only their data and money at risk, but also those of the organisations where they work, ” Alexander added. To stay protected, follow the recommendations below.

Individual users: Do not download and install applications from untrusted sources. Do not click on any links from unknown sources or suspicious online advertisements. Always use two-factor authentication when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation.

Use a reliable password manager to help to remember them. Always install updates when they become available; they contain fixes for critical security issues.

Organisations: Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities.

Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them.

Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors. Back up corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed.