
Wallarm, a leader in API and agentic AI security, released its Q2 2025 API ThreatStats Report on August 25, 2025, highlighting a significant rise in AI-powered API vulnerabilities. The report, analyzing 639 API-related CVEs, emphasizes the growing attack surface driven by large language models (LLMs) and agent-driven architectures, with real-world breaches exposing risks from insecure defaults and weak authentication.
API Vulnerabilities Surge: 639 API-related CVEs were disclosed in Q2 2025, most rated Critical or High severity, continuing a quarter-over-quarter increase.
AI-Powered APIs Targeted: 34 vulnerabilities linked to AI-related APIs, including LLMs and agent frameworks, with one public breach involving an AI agent vulnerability.
Attack Trends: Attackers exploit logic-layer weaknesses, shifting from outdated libraries to API behavior, especially in AI systems.
Recommendations: Adopt runtime-first security, continuous testing, and enhanced visibility to counter dynamic threats.
“Attackers are exploiting the way APIs behave, especially those powering AI systems,” said Ivan Novikov, CEO of Wallarm. The report urges proactive runtime protection to address vulnerabilities like prompt injection and data leakage, which is critical for industries like finance and healthcare. Wallarm’s solutions integrate real-time threat detection and policy enforcement, aligning with trends like the EU AI Act’s focus on application-layer safeguards.
The report's findings align with projections of a $35.5B generative AI cybersecurity market by 2031, driven by AI adoption. Posts on X note that 22% of CISA’s KEV exploits in Q2 2025 were API-related, reinforcing APIs as the top attack vector. Companies like Palo Alto Networks and SentinelOne are embedding AI security, but Wallarm’s focus on runtime visibility sets it apart.
Wallarm is the only unified platform for API and agentic AI security successfully deployed in enterprise production environments. With Wallarm, customers receive the fastest, easiest, and most effective way to stop API attacks. Organizations choose Wallarm to protect their APIs and AI agents because the platform delivers a complete inventory of APIs, real-time blocking, and patented AI/ML-based abuse detection. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Combinator, Partech, and other investors.