AI-driven API vulnerabilities have skyrocketed by 1205% in the past year.
The figures come from the 2025 API ThreatStats Report by Wallarm, which highlights how AI has become the biggest driver of API security threats, with nearly 99% of AI-related vulnerabilities tied to API flaws.
The study also found that 57% of AI-powered APIs were accessible externally, while 89% lacked secure authentication. Only 11% implemented robust security measures.
Wallarm tracked 439 AI-related CVEs in 2024. Many of these stemmed from injection flaws, misconfigurations and a newly identified category – Memory Corruption and Overflow – caused by AI’s reliance on high-performance binary APIs.
APIs Dominate Cybersecurity Threat Landscape
For the first time, over 50% of all recorded CISA exploited vulnerabilities were API-related, a sharp rise from 20% in 2023. Of these, 33.5% targeted modern RESTful and GraphQL APIs, while 18.9% affected legacy systems, such as AJAX-based APIs and URL parameter vulnerabilities.
Read more on API security: New APIs Discovered by Attackers in Just 29 Seconds
No tags.
