Cybersecurity company Kaspersky found an average of 500,000 malicious files per day in 2025, a 7% increase from the previous year. The company said password stealers grew by 59% worldwide, spyware cases rose by 51%, and backdoor detections increased by 6% compared to 2024.
Kaspersky published the findings as part of its annual Security Bulletin, which tracks major cybersecurity trends. The statistics were taken from the Kaspersky Security Network, covering November 2024 to October 2025.
“The current cyberthreat landscape is defined by increasingly sophisticated attacks on organizations and individuals around the world,” said Alexander Liskin, head of threat research at Kaspersky.
Windows continued to be the main target for attackers, with 48% of Windows users facing different types of threats during the year. About 29% of Mac users experienced similar risks.
Around 27% of users worldwide encountered web-based threats, which involve malicious activity that uses the internet at some point, even if the attack doesn’t happen entirely online. Another 33% were hit by threats that spread through devices such as USB drives, CDs, or files packed inside installers or encrypted formats.
In the Asia Pacific region, password stealer detections grew by 132% from 2024 to 2025, while spyware detections increased by 32%.
Kaspersky also highlighted the renewed activity of the Hacking Team, which rebranded in 2019. Its commercial spyware, Dante, was reportedly used in the ForumTroll advanced persistent threat campaign and linked to zero-day vulnerabilities in Chrome and Firefox.
The company said attackers continued to rely on unpatched system vulnerabilities to break into corporate networks. Stolen login details also remained a common entry point, contributing to the rise in password stealers and spyware. Supply chain attacks, including those involving open-source software, also persisted.
“This year the number of such attacks increased significantly, and we even saw the first widespread NPM worm Shai-Hulud,” Liskin said. “This increasingly complex threat landscape makes implementing robust cybersecurity strategies vital for organizations, as failure to do so can lead to months of downtime in the event of attacks. Individual users should also always use reliable security solutions, otherwise they put not only their data and money at risk, but also those of the organizations where they work.”