Kaspersky’s detection systems discovered an average of 500,000 malicious files per day in 2025, marking a 7% increase compared to the previous year. Certain types of threats saw growth globally – there was a 59% surge in password stealer detections, a 51% growth in spyware detections and a 6% growth in backdoor detections compared to 2024. These findings are part of the Kaspersky Security Bulletin series where we review the key cybersecurity trends of the past year, a press release said.
Windows users faced the highest cyber risks in 2025, with 48% targeted compared to 29% of Mac users. Globally, 27% encountered web-based attacks requiring internet involvement, while 33% faced on-device threats spread through USBs, discs, or concealed installers.
From 2024–2025, all regions saw rising cyberthreats, notably sharp surges in password stealers and spyware. APAC and Europe faced the steepest jumps, while LATAM, Africa, and CIS also showed significant malware growth.
“The current cyberthreat landscape is defined by increasingly sophisticated attacks on organizations and individuals around the world. One of the most significant revelations made by Kaspersky this year was the resurgence of the Hacking Team after its 2019 rebranding, with its commercial spyware Dante used in the ForumTroll APT campaign, incorporating zero-day exploits in Chrome and Firefox browsers. Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials – hence the rise in password stealers and spyware we see this year. Supply chain attacks are also common, including attacks on open-source software. This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud,” comments Alexander Liskin, Head of Threat Research at Kaspersky. “This increasingly complex threat landscape makes implementing robust cybersecurity strategies vital for organizations, as failure to do so can lead to months of downtime in the event of attacks. Individual users should also always use reliable security solutions, otherwise they put not only their data and money at risk, but also those of the organizations where they work.”
Follow this link to learn more about other KSB reports.
To stay protected, individual users should avoid downloading apps or clicking links from untrusted sources, enable two-factor authentication, use strong unique passwords with a password manager, and install updates promptly. They should also ignore messages urging them to disable security tools and rely on a robust solution like Kaspersky Premium.
Organizations should keep all software updated, avoid exposing remote desktop services publicly, and enforce strong passwords. They are advised to use Kaspersky Next for full infrastructure visibility and advanced protection, apply the latest Threat Intelligence to stay informed about threat actors’ tactics, and maintain regular, isolated backups for emergency recovery.
All statistics in this report are sourced from Kaspersky Security Network (KSN), covering November 2024 to October 2025.
