MyCERT Report - Cyber Incident Quarterly Summary Report - Q4 2025
- akid95

Recent advisories and reports published by CyberSecurity Malaysia and the MyCERT Advisory Portal highlight the growing volume and sophistication of cyber threats affecting both organizations and individual users in Malaysia. Through its Cyber999 Incident Response Centre, CyberSecurity Malaysia continues to monitor, investigate, and publish alerts related to malware, phishing, mobile threats, vulnerabilities, and large-scale cyber incidents impacting the country.
Rising Threats Across Mobile and Enterprise Environments
Recent advisories indicate a steady increase in Android-related threats, malicious applications, phishing campaigns, credential theft, and actively exploited vulnerabilities. CyberSecurity Malaysia has issued multiple alerts covering high-risk Android flaws capable of remote code execution, privilege escalation, and device compromise. Several of these vulnerabilities were confirmed as actively exploited in the wild, reinforcing the need for timely patching and stronger mobile security practices.
In parallel, mobile-focused malware campaigns continue to evolve, including deceptive applications distributed through legitimate app marketplaces. Some cases involve malware abusing device capabilities such as OCR to extract sensitive information from screenshots, including credentials, financial data, and cryptocurrency-related assets.
Cyber Incident Trends in Malaysia
Cyber999 quarterly reporting continues to show phishing, impersonation, data breaches, malware infections, malicious APKs, and infostealer activity as the most frequently observed cyber incidents in Malaysia. In recent reporting periods, phishing alone has accounted for a significant portion of total incident volumes, often driven by fake websites, scam messages, and social engineering tactics.
At the same time, there is a consistent rise in malware-related incidents involving botnets, infostealers, ransomware, and credential harvesting operations. Compromised credentials from browsers, VPNs, email platforms, and messaging applications remain a persistent concern for both individuals and enterprises.
Importance of Security Awareness and Timely Updates
CyberSecurity Malaysia continues to emphasize the importance of basic cybersecurity hygiene, including timely software updates, careful application usage, and continuous monitoring for suspicious activity. Strong awareness of phishing, scam calls, and fake applications remains a key defensive factor, especially as social engineering tactics become more convincing and harder to detect.
For organizations, recommended practices include vulnerability management, endpoint protection, network monitoring, secure backup strategies, and stronger identity and access controls. These measures help reduce exposure to increasingly automated and large-scale cyber attacks.
Conclusion
The latest advisories and incident reports from CyberSecurity Malaysia reflect a cyber threat landscape that is becoming more dynamic and sophisticated, affecting both mobile and enterprise environments. From Android vulnerabilities and malicious applications to phishing, ransomware, and credential theft, threats continue to evolve in both technique and scale.
As attackers increasingly target trusted platforms and user behavior, organizations and individuals must rely on a combination of proactive security controls, continuous monitoring, timely patching, and strong user awareness to maintain resilience against modern cyber threats.



