API Threats Grow in Scale as AI Expands the Blast Radius

• Application Programming Interfaces (APIs) remain an attacker-favored exploit route. • Aggressors continuously target common failures in identity, access control and exposed interfaces - often at scale and machine speed. • AI is increasing the threat surface.In an analysis of more than 60,000 published vulnerabilities disclosed in 2025, Wallarm found more than 11,000 (17%) were API-related. • A concurrent analysis of CISA KEV Catalog additions for 2025 found 43% of exploited vulnerabilities were API-related.The report demonstrates the severity of the threat by including details of the top ten API-relevant breaches from 2025. • The top three are700Credit,Qantas, andSalesloft.A standout element of the report is the continuing expansion of AI technologies and their effect on APIs and AI security. • “API security is at the heart of any AI transformation,” comments Ivan Novikov, founder and CEO at Wallarm.

Article Summaries:

• Application Programming Interfaces (APIs) remain an attacker-favored exploit route. Aggressors continuously target common failures in identity, access control and exposed interfaces - often at scale and machine speed. AI is increasing the threat surface. In an analysis of more than 60,000 published vulnerabilities disclosed in 2025, Wallarm found more than 11,000 (17%) were API-related. A concurrent analysis of CISA KEV Catalog additions for 2025 found 43% of exploited vulnerabilities were API-related. The report demonstrates the severity of the threat by including details of the top ten API-r

Sources:

• https://www.securityweek.com/api-threats-grow-in-scale-as-ai-expands-the-blast-radius/