New Delhi: Cybersecurity company Kaspersky has revealed that Indian enterprises continue to face serious exposure to cyberattacks due to existing vulnerabilities in their business networks.
Between January and June 2025, Kaspersky enterprise solutions blocked more than 7,34,526 exploit attacks targeting organizations in India, averaging over 4,000 attempted breaches every day.
What are Exploits?
Exploits are malicious programs that take advantage of bugs or flaws in software or operating systems to gain unauthorized access. When left unpatched, these vulnerabilities act as open entry points for cybercriminals. Kaspersky’s findings indicate that many Indian organizations are still struggling to close these security gaps, making them easy targets for attackers.
Adrian Hia, Managing Director for Asia Pacific at Kaspersky, highlighted, “An almost 4% rise in exploits we blocked against Indian businesses during the first six months of the year may not sound big on paper, but it shows how persistent these threat actors are. This is where threat intelligence makes all the difference. It tells Indian businesses which doors the criminals are already rattling, so they can lock them before it’s too late.”
Microsoft Office Products Remain Top Targets
Globally, in the second quarter of 2025, Kaspersky detected the highest number of exploits targeting vulnerable Microsoft Office products that contained unpatched security flaws. The most exploited vulnerabilities were:
- CVE-2018-0802: Remote code execution vulnerability in the Equation Editor component
- CVE-2017-11882: Another Equation Editor vulnerability allowing remote code execution
- CVE-2017-0199: Vulnerability in Microsoft Office and WordPad that enables attackers to gain control over systems
Kaspersky noted that these vulnerabilities, some dating back several years, continue to be exploited because many organizations have failed to apply critical patches.
Old and New Threats Coexist
The report found that the top 10 most exploited vulnerabilities included both newly discovered zero-day flaws and older, unpatched issues. Zero-day vulnerabilities are particularly dangerous because attackers discover them before software vendors are aware, meaning no security fix exists at the time of attack.
Cybercriminals and advanced persistent threat (APT) groups are increasingly targeting commonly used tools like remote access software, document editors, and system logging platforms. Alarmingly, Kaspersky also observed that low-code/no-code (LCNC) platforms and frameworks used for AI-powered applications are now being exploited, reflecting how attackers are adapting to the latest technologies businesses are adopting.
Rising Web Threats
Beyond exploits, Kaspersky also detected and blocked 22,96,414 web threats in India during the first half of 2025, a 13.7% increase compared to the same period last year. Web threats are malware programs that use the internet at some stage to compromise users or systems, whether through phishing, drive-by downloads, or malicious websites.
Kaspersky’s Security Recommendations
With rising attack volumes and evolving tactics, Kaspersky urged Indian organizations to strengthen their security by:
- Investigating vulnerabilities only within secure virtual environments
- Ensuring 24/7 infrastructure monitoring, especially for perimeter defenses
- Maintaining a robust patch management process using automated tools
- Deploying comprehensive protection tools that detect and block malware, support incident response, and offer employee training
- Leveraging Threat Intelligence data to stay updated on attackers’ latest Tactics, Techniques, and Procedures (TTPs)
Kaspersky emphasized that proactive patching, continuous monitoring, and updated intelligence are essential to reducing risk and preventing attackers from gaining long-term control within corporate networks.
Also Read
QualiZeal, Pcloudy Unveil AI-powered Lab-in-a-Box for Secure Enterprise Device Testing
