The detection systems of cyber security specialists discovered an average of 500,000 malicious files per day in 2025, marking a 7% increase from the previous year.
Certain types of threats saw increases globally – for example, there was a 59% increase in password stealer detections, a 51% increase in spyware detections and a 6% increase in backdoor detections compared to 2024.
These findings are part of the Kaspersky Security Bulletin series, which analyzes the main cybersecurity trends of the past year.
Windows remains the main target for cyber attacks. 48% of Windows users were targeted by various types of threats during the year 2025. For Mac users, this figure is 29%.
Web threats
Globally, 27% of users have been attacked with web threats – these refer to malware that affects users when they are online. Web threats are not limited to online activity, but ultimately involve the Internet at some point to cause damage.
On-device threats
33% of users have been attacked with on-device threats. These include malware spread via USB sticks, CDs and DVDs, or which initially arrive on the computer in unopened form (eg programs in complex installers, encrypted files, etc.).
How you can protect yourself
To stay protected, cybersecurity experts have made the following recommendations:
Individual users:
• Do not download or install applications from unverified sources
• Do not click on links from unknown sources or suspicious online advertisements
• Always use two-step authentication when available. Create strong and unique passwords using uppercase and lowercase letters, numbers and punctuation. Use a trusted password manager to retain them
• Always install updates when they become available; they contain fixes for critical security issues
• Ignore messages asking to disable security systems for desktop or cyber security software
• Use a robust security solution that’s right for your type of system and devices.
organizations:
• Always keep software up-to-date on all devices to prevent attackers from infiltrating by exploiting vulnerabilities
• Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them
• Use advanced products for complete visibility across the entire corporate infrastructure to quickly detect, prioritize, investigate and neutralize complex threats and APT attacks
• Use the latest Threat Intelligence to stay on top of TTPs used by threat actors
• Back up corporate data regularly. Backups should be isolated from the network.
