K identified an average of 500,000 malicious files per day in 2025, representing a 7 % increase compared to the previous year.
MALICIOUS ATTACKS
Kaspersky detected half a million malicious files daily in 2025 compared with 25 % in Africa, 21 % in Europe and 19 % in the Middle East.
On-device threats accounted for attacks on 33 % of users worldwide. These include malware spread via removable media such as USB drives, CDs and DVDs, or threats delivered in non-open formats including encrypted files or complex installers. Africa recorded the highest exposure, with 41 % of users attacked, followed by APAC at 33 %, the Middle East at 32 %, Latin America at 30 % and Europe at 20 %.
Africa headed the rating with 41 % of users attacked with this type of threat, followed by APAC at 33 %, the Middle East at 32 %, Latin America at 30 % and Europe at 20 %.
Alexander Liskin, Head of Threat Research at Kaspersky, said:“ The current cyberthreat landscape is defined by increasingly sophisticated attacks on organisations and individuals around the world. One of the most significant revelations made by Kaspersky this year was the resurgence of the Hacking Team after its 2019 rebranding, with its commercial spyware Dante used in the ForumTroll APT campaign, incorporating zero-day exploits in Chrome and Firefox browsers. aspersky’ s detection systems
K identified an average of 500,000 malicious files per day in 2025, representing a 7 % increase compared to the previous year.
Several threat categories recorded significant growth worldwide, including a 59 % surge in password stealer detections, a 51 % increase in spyware detections and a 6 % rise in backdoor detections year on year.
These findings form part of the Kaspersky Security Bulletin series, which reviews the most significant cybersecurity trends observed over the past year.
Windows continued to be the primary target for cyberattacks, with 48 % of Windows users targeted by various types of threats during 2025. Among Mac users, the figure stood at 29 %.
Globally, 27 % of users encountered webbased threats, defined as malware that targets users while they are online, even if Internet connectivity is only required at one stage of the attack. In Latin America, 26 % of users were affected by web threats,
Vulnerabilities remain the most popular way for attackers to get into corporate networks.
“ Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials – hence the rise in password stealers and spyware we see this year. Supply chain attacks are also common, including attacks on open-source software. This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud.
“ This increasingly complex threat landscape makes implementing robust cybersecurity strategies vital for organisations, as failure to do so can lead to months of downtime in the event of attacks. Individual users should also always use reliable security solutions, otherwise they put not only their data and money at risk, but also those of the organisations where they work.”
30 WWW. INTELLIGENTCISO. COM