They recorded 190,556 “exploit” attempts, or an average of 1,050 attacks a day, in the first half of 2025, according to cybersecurity company Kaspersky.

The company said this represents a 16% increase from the same period last year, reflecting a clear upward trend as digital infrastructure continues to expand.

Exploits are malicious programmes designed to take advantage of bugs or vulnerabilities in software and operating systems. These serve as open doors for cybercriminals to gain unauthorised access when left unpatched.

Kaspersky said within Southeast Asia, Malaysia ranks third in terms of exploit volume, behind Indonesia (524,657) and Vietnam (301,800).

Kaspersky managing director for Asia Pacific Adrian Hia said the 16% jump in exploit attempts against Malaysian businesses within just six months highlights how relentless such attackers have become.

“As the country’s online economy expands, closing the gap in unpatched systems is not just about avoiding attacks but also fortifying the nation’s digital progress.

“Threat intelligence tells us exactly where attackers are focussing, so that Malaysian enterprises can strengthen defences before the damage is done,” Bernama reported him as saying.

The company said businesses in Malaysia overall encountered 1.7 million business-to-business web-based threats in the first six months of 2025.

This makes Malaysia the second most targeted country in Southeast Asia, with incidents exceeding Indonesia’s 1.63 million threats and outpaced only by Thailand’s 2.52 million.

“Web-based threats refer to malware programmes that target users when they are browsing the internet. These threats are not limited to online activity but ultimately involve the internet at some stage to inflict harm,” it said.