Wallarm: APIs are the Predominant Attack Surface

API security company Wallarm released its 2025 API ThreatStats report. Notably, the report found that APIs have emerged as the “predominant” attack surface over the past year, with AI serving as the biggest driver of API security risk. Wallarm’s annual report bridged a critical gap between technical and strategic aspects of API security, sharing actionable insight tailored to the distinct responsibilities of CISOs and CIOs.

“Based on our findings, what is clear is that API security is no longer just a technical challenge – it’s now a business imperative,” said Ivan Novikov, Wallarm’s CEO and co-founder. “API-related security flaws are fueled by the adoption of AI, as APIs are the critical interface between AI models and the applications they power. However, this rapid growth has exposed significant vulnerabilities. For instance, we found that 57 percent of AI-powered APIs were externally accessible, and 89 percent relied on insecure authentication mechanisms. Of particular concern is that only 11 percent had robust security measures in place, leaving most endpoints vulnerable. In today’s environment, organizations cannot afford to not secure their APIs. Failure to do so means they are exposing themselves to grave risks that can result in costly technical vulnerabilities and reputational and operational crises.”

Wallarm’s researchers tracked 439 AI-related CVEs, noting a 1,025 percent increase from the prior year. Nearly all (99 percent) were directly tied to APIs, including injection flaws, misconfigurations and new memory corruption vulnerabilities stemming from AI’s reliance on high-performance binary APIs. With the exponential rise in AI adoption and exploits, Wallarm introduced a new ThreatStats Top 10 category: Memory Corruption and Overflow. This category addresses vulnerabilities that arise from improper memory handling and access, resulting in security breaches such as unauthorized data access, crashes and arbitrary code execution. It was driven by Wallarm’s analysis of how AI workloads interact with hardware, exposing APIs to issues such as buffer and integer overflows. 

Additionally, for the first time, over 50 percent of all recorded CISA exploited vulnerabilities were API-related. This marks a 30 percent increase from the year prior, highlighting the growing prevalence and criticality of API security in modern threat environments. API vulnerabilities surpass traditional exploit categories such as kernel, browser and supply chain vulnerabilities, underscoring their central role in cyberattacks.

Other insights included:

  • Over 53 percent engaging in multiple AI deployments. These deployments are primarily enabled by API technology, cementing APIs as the foundation of enterprise AI adoption.
  • APIs representing the largest category of exploited vulnerabilities in CISA KEV, with modern APIs representing over 33 percent. Exploits include improper authentication, injection attacks and API endpoint misconfigurations, targeting enterprise-grade platforms with prominent attacks.