Kaspersky revealed existing vulnerabilities in business networks continue to leave Indian enterprises exposed to possible cyberattacks.
More than seven lakh (7,34,526) of exploits targeting organizations in India were blocked by Kaspersky enterprise solutions from January to June 2025, just a little over 4,000 a day, on average.
Exploits are a type of malicious program designed to take advantage of bugs or vulnerabilities in software or operating systems to gain unauthorized access. When left unpatched, these weak points serve as open doors for cybercriminals.
Globally in Q2 2025, the most common exploits targeted vulnerable Microsoft Office products that contained unpatched security flaws, according to another Kaspersky report. Kaspersky solutions detected the most exploits on the Windows platform for the following vulnerabilities:
· CVE-2018-0802: a remote code execution vulnerability in the Equation Editor component
· CVE-2017-11882: another remote code execution vulnerability, also affecting Equation Editor
· CVE-2017-0199: a vulnerability in Microsoft Office and WordPad allowing an attacker to gain control over the system
The report also showed that the top 10 most exploited vulnerabilities included both new zero-day flaws and older, unpatched issues that organizations continue to overlook. A zero-day vulnerability is a software vulnerability discovered by attackers before the vendor has become aware of it. Because the vendors are unaware, no patch exists for zero-day vulnerabilities, making attacks likely to succeed.
Cybercriminals, and in some cases even advanced persistent threat (APT) groups, focused on widely used tools such as remote access software, document editors, and logging systems. What is especially notable is that low-code/no-code (LCNC) platforms and a framework for AI-powered applications also entered the list, signaling that attackers are moving fast to exploit newer technologies as businesses adopt them. Their main goals remain consistent: to gain system access and escalate privileges, giving them deeper and often long-term control inside corporate networks.
LCNC platforms are development tools that let common users build applications through visual interfaces and user-friendly drag-and-drop components, with minimal or no need for traditional coding knowledge. These allow both non-technical users and professional IT teams to quickly create web and mobile apps by combining pre-built templates and connecting them through intuitive visual tools.
“An almost 4% rise in exploits we blocked against Indian businesses during the first six months of the year may not sound big on paper, but it shows how persistent these threat actors are. This is where threat intelligence makes all the difference, it tells Indian businesses which doors the criminals are already rattling, so they can lock them before it’s too late,” comments Adrian Hia, Managing Director for Asia Pacific at Kaspersky.
Overall, Kaspersky enterprise solutions detected and stopped 22,96,414 web threats in the first half of 2025. A 13.7% increase compared to the same period last year.
Web threats refer to malware programs that can target you when you're using the internet. Web threats are not limited to online activity but ultimately involve the internet at some stage for inflicted harm.
𝐒𝐭𝐚𝐲 𝐢𝐧𝐟𝐨𝐫𝐦𝐞𝐝 𝐰𝐢𝐭𝐡 𝐨𝐮𝐫 𝐥𝐚𝐭𝐞𝐬𝐭 𝐮𝐩𝐝𝐚𝐭𝐞𝐬 𝐛𝐲 𝐣𝐨𝐢𝐧𝐢𝐧𝐠 𝐭𝐡𝐞 WhatsApp Channel now! 👈📲
𝑭𝒐𝒍𝒍𝒐𝒘 𝑶𝒖𝒓 𝑺𝒐𝒄𝒊𝒂𝒍 𝑴𝒆𝒅𝒊𝒂 𝑷𝒂𝒈𝒆𝐬 👉 Facebook, LinkedIn, Twitter, Instagram
