New research shows attackers are increasingly abusing APIs at machine speed, with AI expanding the blast radius and widening exposure across systems. In a review of more than 60,000 vulnerabilities disclosed in 2025, Wallarm found over 11,000 (17%) were API-related, while a separate analysis of CISA KEV Catalog additions for 2025 showed 43% of exploited vulnerabilities were API-related.
The report highlights the top ten API-relevant breaches from 2025 and notes AI technologies are accelerating API risks, with API security described as central to successful AI adoption. The rise of the Model Context Protocol (MCP) is expected to play a major part in future API issues, and Wallarm recorded 315 MCP-related vulnerabilities in 2025, including a 270% increase between Q2 and Q3 2025.
Attacks frequently combine three failure modes—over-permissioned tools, direct API exposure and lack of runtime enforcement—making MCP hard to contain as it spreads across multiple vendors. According to Wallarm, AI is amplifying existing weaknesses rather than creating new ones, and runtime behaviour now largely defines API risk.