The Q1 2025 Wallarm API ThreatStats™ report highlights the rapid evolution of API threats amid the rise of agentic AI systems and cloud-native complexities. It emphasizes the critical role of API security in preventing breaches, especially within AI and healthcare sectors. #APITechnology #CybersecurityTrends #AI #APIThreats #SecurityReports
Key points
- Major cybersecurity vendor reports, such as Wallarm’s Q1 2025 API ThreatStats™, typically include sections on introduction, methodology, threat landscape analysis, detailed breach incidents, vulnerability trends, and conclusions with strategic insights.
- These reports generally analyze datasets from sources like CISA KEV, breach incident reports, published vulnerabilities, and new security issues identified in repositories such as GitHub, providing a comprehensive view of the current threat landscape.
- Key statistics reveal that in Q1 2025, 582 API-related vulnerabilities were disclosed with an average CVSS score of 7.42, indicating high-severity issues; access control vulnerabilities (such as broken access and authentication flaws) dominate the vulnerability landscape.
- Notable trends include a surge in API breaches caused by misconfigurations, hardcoded secrets, and unauthorized access, affecting diverse industries from healthcare to AI, underscoring the broad attack surface of APIs.
- The report highlights the increasing security risks posed by agentic AI systems, where 65% of issues in analyzed repositories are API-related, with common weaknesses like unmaintained third-party components and input validation flaws.
- Remediation times vary: many issues are fixed within a week, but some linger for years, signaling ongoing challenges in vulnerability management.
- Overall, APIs are recognized as both the attack surface and a critical security front, necessitating continuous threat modeling, real-time monitoring, updated policies, and robust API security strategies.
- Practitioners are advised to update threat models quarterly, incorporate new threat intelligence, monitor API traffic, and develop comprehensive security strategies, especially for agentic AI ecosystems.
Source: Awesome Annual Security Reports - The reports in this collection are limited to content which does not require a paid subscription, membership, or service contract. (https://github.com/jacobdjwilson/awesome-annual-security-reports/)