Kaspersky has revealed that businesses in Singapore and Southeast Asia (SEA) are increasingly exposed to cyberattacks due to unpatched systems. From January to June 2025, Kaspersky blocked 1,195,673 exploits targeting organisations in SEA, with Singapore alone accounting for 38,719 blocked exploits. These figures underscore the growing cybersecurity threats in the region.
Exploits, malicious programmes exploiting software vulnerabilities, pose a significant risk when systems remain unpatched. Kaspersky’s data indicates that the most common targets globally in Q2 2025 were unpatched Microsoft Office products. Specific vulnerabilities included CVE-2018-0802 and CVE-2017-11882, both affecting the Equation Editor component, and CVE-2017-0199, impacting Microsoft Office and WordPad.
The report highlights that both new zero-day vulnerabilities and older, overlooked issues are being exploited. Cybercriminals, including advanced persistent threat groups, are targeting widely used tools such as remote access software and document editors. Notably, low-code/no-code platforms and AI-powered application frameworks are also being exploited as businesses adopt these newer technologies.
Adrian Hia, Managing Director for APAC at Kaspersky, emphasised the need for robust cyber defences as Singaporean businesses embrace digital transformation. He stated, “As we continue to witness an ever-increasing amount of cyberthreats, it is imperative for organisations to strengthen their cyber defences.”
Kaspersky advises businesses to investigate vulnerabilities in secure environments, ensure 24/7 infrastructure monitoring, maintain a robust patch management process, and deploy reliable solutions to detect and block malicious software. Additionally, staying informed with the latest Threat Intelligence is crucial to understanding the tactics used by threat actors.
