AI use drives APIs to become the main attack surface

No Comments

A new report reveals that APIs have emerged as the predominant attack surface over the past year, with AI being the biggest driver of API security risks.

The survey from Wallarm, of 200 US-based enterprise leaders on AI and API security, finds over 53 percent report engaging in multiple AI deployments. These deployments are primarily enabled by API technology, cementing APIs as the foundation of enterprise AI adoption. However, while AI integration drives rapid API adoption across industries, it also introduces unique risks.

It uncovers a massive 1,205 percent surge in AI vulnerabilities, with nearly all directly tied to APIs. Researchers tracked 439 AI-related CVEs and 99 percent of these are directly tied to APIs, including injection flaws, misconfigurations, and new memory corruption vulnerabilities stemming from AI’s reliance on high-performance binary APIs.

"Based on our findings, what is clear is that API security is no longer just a technical challenge -- it's now a business imperative," says Ivan Novikov, CEO and co-founder of Wallarm. "API related security flaws are fueled by the adoption of AI, as APIs are the critical interface between AI models and the applications they power. However, this rapid growth has exposed significant vulnerabilities. For instance, we found that 57 percent of AI-powered APIs were externally accessible, and 89 percent relied on insecure authentication mechanisms. Of particular concern is that only 11 percent had robust security measures in place, leaving most endpoints vulnerable. In today’s environment, organizations cannot afford to not secure their APIs. Failure to do so means they are exposing themselves to grave risks that can result in costly technical vulnerabilities and reputational and operational crises."

See also:

More than 50 percent of all recorded CISA exploited vulnerabilities were API-related for the first time, a 30 percent increase from the year before, and this highlights the growing prevalence and criticality of API security in modern threat environments.

While legacy APIs such as those used in Digi Yatra and Optus incidents remain vulnerable due to outdated designs, modern RESTful APIs are equally at risk due to complex integration challenges and improper configurations.

The full report is available from the Wallarm site.

Image Credit: Alexandersikov/Dreamstime.com

No Comments
Got News? Contact Us

Recent Headlines

AI use drives APIs to become the main attack surface

Google is making it easier to find a safe and reliable VPN

The role of private clouds in enterprise data strategy [Q&A]

Netflix and Disney+ subscribers may have to pay a license fee to fund the BBC

Sony appoints Hideaki Nishino as new PlayStation CEO effective April 2025

Celebrating Data Privacy Day: Ensuring ethical agentic AI in our daily interactions

Enterprises consider ditching Oracle Java over cost worries

Most Commented Stories

New year, new Microsoft OS -- the stunning Windows 25 is everything Windows 12 should be

46 Comments

Optimum 10 Pro is an upgraded version of Windows 10 with next-level performance, privacy and control

29 Comments

Like magic! Transform Windows 11 into the Microsoft OS you've always wanted in just a couple of mouse clicks

20 Comments

Say goodbye to Windows 11 and switch to MX Linux 23.5 for a faster PC

14 Comments

Microsoft says 2025 is the year to ditch Windows 10 and embrace Windows 11

10 Comments

Millions of Windows 10 PCs face security disaster as Microsoft ends support

9 Comments

Sticking with Windows 10? No more Microsoft 365 for you!

8 Comments

The Apple TV+ free weekend could cost you dearly

7 Comments

© 1998-2025 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.