Wallarm Unveils Findings from Q1 2025 API Threat Report, Uncovering Evolving API Threats Across Multiple Industries

San Francisco, CA – April 24, 2025 – Wallarm, the leader in API and AI security solutions, today announced the findings of The Rise of Agentic AI, the API ThreatStats report for Q1 2025. The report found that evolving API threats are fueled by the rise of agentic AI systems, growing complexity in cloud-native infrastructure, and a surge in software supply chain risks, and uncovered patterns and actionable insights to help organizations prioritize risks and harden their defenses.

‍

“In the first quarter of 2025, overall API threats continued to increase across multiple industries, from healthcare to AI and beyond,” said Ivan Novikov, CEO and Co-Founder of Wallarm. “Our research shows that AI agent security risk largely stems from APIs. Agentic AI presents the same problems as any other type of code, but agentic AI exhibits a large percentage of API-related vulnerabilities. We can’t address agentic AI security without directly addressing APIs.”

‍

While APIs are central to all Agentic workflows, cybersecurity standards such as CVE and CISA KEV are trailing indicators of API and overall security risks presented by Agentic AI. In order to gain insights into current and future trends, Wallarm researchers took a deep dive into GitHub security issues for Agentic repositories. Of the 2,869 security issues analyzed in Agentic AI projects, they found that the majority were API-related (65%), underscoring the inseparability of agent and API security.

‍

The report also analyzed API breaches that occurred in Q1 2025. No industry was immune, as highlighted by breaches impacting organizations such as Oracle Cloud, DeepSeek, CommonCrawl, Volkswagen, National Health Service (NHS) UK, Microsoft, BeyondTrust, and OmniGPT.

‍

Key findings include:

• The majority of all security issues in Agentic AI repositories (65%) are API-related and over 700 issues remain unaddressed.
• 25% of reported security issues remain open, with some lingering for 1,200-plus days, highlighting a critical gap between vulnerability discovery and remediation.
• The top five API breaches span cloud, AI, automotive, and healthcare, underscoring industry-wide concerns and urgent relevance to cybersecurity worldwide.
• With 60% of top vulnerabilities found to be access control-related, access control remains prevalent across APIs.

‍

APIs are not just part of the attack surface — they are the attack surface. From legacy system exposures to AI-native risks, attackers are increasingly targeting APIs as both the entry point and objective. In order to protect themselves from these threats, organizations need to take proactive measures to ensure existing threat models account for the current environment and prioritize API security by updating API threat models and security workflows, creating Agentic AI security strategies, implementing real-time monitoring of API traffic, and updating both threat intelligence and API discovery methodology.

‍

To download the full Q1 2025 API Threat Report, visit http://www.wallarm.com/reports/q1-2025-wallarm-api-threatstats-report. 

‍