Password Stealers and Spyware Skyrocket; Africa and Windows Users Remain Top Targets for Sophisticated Attacks.
Kaspersky’s detection systems have sounded the alarm on a dramatic rise in global cyber threats, reporting an average of 500,000 malicious files discovered daily in 2025. This staggering figure marks a 7% increase compared to the previous year, highlighting an ever-intensifying threat landscape for organizations and individuals worldwide.
These findings are central to the latest Kaspersky Security Bulletin, which reviews key cybersecurity trends from the past year.
The data reveals a stark regional disparity in threat exposure, particularly concerning malware spread through physical means or complex installers.
Africa headed the global rating for on-device threats (malware spread via USB drives, CDs, or non-open form installers) with 41% of users attacked.
This was followed by APAC at 33%, the Middle East at 32%, Latin America at 30%, and Europe at 20%.
Globally, 27% of users were attacked with web threats, malware that targets users while they are online or involves the internet at some stage to inflict harm.
| Region | Percentage of Users Attacked by On-Device Threats |
| Africa | 41% |
| APAC | 33% |
| Middle East | 32% |
| Latin America | 30% |
| Europe | 20% |
Specific categories of malware saw explosive growth in 2025, indicating a shift towards attacks focused on reconnaissance and credential theft:
- Password Stealer detections surged by 59%.
- Spyware detections grew by 51%.
- Backdoor detections increased by 6%.
“The current cyberthreat landscape is defined by increasingly sophisticated attacks on organizations and individuals around the world,” comments Alexander Liskin, Head of Threat Research at Kaspersky.
Liskin noted that the resurgence of commercial spyware, such as the ForumTroll APT campaign utilizing the Hacking Team’s spyware Dante with zero-day exploits, underscores the sophistication of current threats.
“Vulnerabilities remain the most popular way for attackers to get into corporate networks, followed by using stolen credentials, hence the rise in password stealers and spyware we see this year.”
When it comes to platforms, the data is clear on the primary target:
- Windows remains the dominant target, with 48% of Windows users being targeted by various types of threats throughout 2025.
- For Mac users, this figure stood at 29%.
The report stresses that vulnerabilities and stolen credentials are the most common entry points into corporate networks, which also explains the significant rise in password stealers and spyware. The past year also saw a substantial increase in supply chain attacks, including the first widespread NPM worm, Shai-Hulud.
Given this increasingly complex environment, Kaspersky urges both organizations and individual users to implement robust security strategies: For Organizations:
- Update Software: Keep all software updated to patch critical security issues and prevent network infiltration via vulnerabilities.
- Secure Remote Services: Do not expose remote desktop services (like RDP) to public networks unless essential, and always use strong passwords.
- Advanced Security: Utilize comprehensive security solutions (e.g., Kaspersky Next) for full visibility to rapidly hunt, investigate, and neutralize complex threats.
- Threat Intelligence: Stay informed on actual Tactics, Techniques, and Procedures (TTPs) used by threat actors using the latest Threat Intelligence.
- Data Backup: Regularly back up corporate data and ensure backups are isolated from the network for quick access in an emergency.
For Individual Users:
- Source Control: Avoid downloading and installing applications from untrusted sources or clicking suspicious links/online advertisements.
- Strong Authentication: Always use two-factor authentication when available, and create strong, unique passwords using a reliable password manager.
- Keep Up-to-Date: Always install updates to patch critical security issues.
- Robust Security: Use a security solution appropriate to your system and devices.
