Kaspersky Reports Detecting 500,000 Malicious Files Daily in 2025

Cybersecurity firm Kaspersky says it detected an average of 500,000 malicious files per day in 2025, representing a seven percent increase from the previous year as global cyber threats continue to intensify.

According to the company’s annual threat landscape report, several categories of malware saw significant year-on-year growth. Password stealers jumped by 59 percent, spyware detections rose by 51 percent, and backdoor malware increased by six percent, signalling a broader shift toward persistent, credential-harvesting attacks.

Windows Users Hit Hardest

Windows remained the most targeted platform in 2025. Kaspersky found that 48% of Windows users encountered at least one cyber threat during the year. Among Mac users, the figure stood at 29%, reflecting that macOS, while comparatively safer, is far from immune to modern malware campaigns.

Web Threats Remain Widespread

Globally, 27% of users faced web-based threats, i.e., attacks that occur while users are online or rely on the internet at some stage of execution.

Regionally, the highest exposure was recorded in:

• Latin America: 26%
• Africa: 25%
• Europe: 21%
• Middle East: 19%

On-Device Threats Also Surged

Kaspersky also documented a high rate of on-device attacks, affecting 33% of users worldwide. These threats spread through USB drives, CDs, DVDs, and bundled or encrypted installers.

Africa topped this category as well, with 41% of users experiencing on-device attacks. APAC regions recorded 33%, the Middle East 32%, Latin America 30%, while Europe stood at 20%.

Kaspersky Issues Safety Guidelines

The report urges users to exercise caution by avoiding downloads from untrusted sources, steering clear of unknown links and suspicious ads, enabling two-factor authentication, and regularly installing security updates, which often include critical vulnerability fixes.

“The current cyberthreat landscape is defined by increasingly sophisticated attacks on organizations and individuals around the world. One of the most significant revelations made by Kaspersky this year was the resurgence of the Hacking Team after its 2019 rebranding, with its commercial spyware Dante used in the ForumTroll APT campaign, incorporating zero-day exploits in Chrome and Firefox browsers. Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials – hence the rise in password stealers and spyware we see this year. Supply chain attacks are also common, including attacks on open-source software. This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud,” commented Alexander Liskin, Head of Threat Research at Kaspersky.

All statistics in this report come from Kaspersky Security Network (KSN). For 2025, the statistics cover the period from November 2024 through October 2025.