Wallarm has released its API ThreatStats 2025 report, highlighting an unprecedented surge in API attacks, largely driven by the widespread adoption of artificial intelligence. According to the study, APIs have become the primary attack surface, with AI-related vulnerabilities up 1,025% compared to the previous year. Nearly all of these vulnerabilities are directly tied to API security.
According to Wallarm CEO Ivan Novikov, API vulnerabilities are no longer merely a technical concern but a significant business threat. Modern AI systems rely heavily on APIs to interact with applications, yet 89% of APIs lack robust authentication mechanisms and 57% are publicly accessible. Only 11% have adequate security controls in place, leaving the vast majority of endpoints exposed to exploitation.
Wallarm’s research team identified 439 AI-related vulnerabilities, marking a 1,025% increase from the previous year. Nearly all of these flaws stem from API weaknesses, including injection attacks, misconfigurations, and memory management vulnerabilities. For the first time, a new attack category—Memory Corruption and Overflow—has appeared in Wallarm’s threat rankings, linked to improper memory handling, which can result in data leaks, system crashes, and remote code execution.
Over the past year, API-related entries in CISA's Known Exploited Vulnerabilities (KEV) catalog grew by 30%, for the first time surpassing traditional exploit categories such as browser vulnerabilities, kernel exploits, and supply chain attacks.
Wallarm has identified three key trends in API threats:
- AI is a catalyst for new attack vectors. The report finds that 53% of U.S. companies integrate AI technologies via APIs, yet security remains a major weak point. Notably, critical vulnerabilities have been discovered in AI tools such as PaddlePaddle and MLflow, which threat actors could exploit to steal intellectual property and compromise training datasets.
- Both legacy and modern APIs are at risk. Legacy APIs, such as those used in Digi Yatra and Optus, remain vulnerable due to outdated design principles, while modern RESTful APIs are increasingly targeted because of complex integrations and misconfigurations. In the KEV catalog, modern API attacks now account for 33% of all API-related entries, with Ivanti and Palo Alto Networks among the most affected vendors.
- Authentication mechanisms are a prime target. Security incidents involving Twilio and Tech in Asia illustrate how access control weaknesses have become a critical attack vector. In 2023, API-related incidents were reported roughly quarterly; in 2024, the frequency escalated to three to five attacks per month. The financial, healthcare, and transportation sectors remain particularly exposed.
As AI integration accelerates, organizations must adopt proactive API security controls to mitigate risks. Failure to do so not only increases the likelihood of data breaches but also threatens customer trust and corporate integrity.