Increased API Threats Reached a Peak of Over 40,000 Instances in the First Half of 2025
In the first half of 2025, APIs have emerged as the digital economy's most attractive attack surface, according to Tim Chang, VP of application security products at Thales. The company's latest API Threat Report reveals a significant increase in API attacks, with a concerning focus on specific products and sectors.
The report, produced by Thales' Imperva business and based on data from over 4000 environments worldwide, highlights Log4j, Oracle WebLogic, and Joomla as the most targeted products in API attacks. Financial services, healthcare, and e-commerce sectors were the most affected, with financial services being the most targeted by account takeover attacks, accounting for 22% of incidents.
The report also sheds light on the types of attacks that have been prevalent. Remote code execution (RCE) attempts accounted for 13% of API attacks, while data scraping accounted for nearly a third (31%) of API bot activity. Furthermore, there was a 40% increase in credential-stuffing and account takeover attempts targeting APIs without adaptive multi-factor authentication (MFA).
The entertainment & arts sector accounted for 13% of API incidents, while financial services accounted for 27%. Interestingly, telecoms and ISPs accounted for 10%, and the travel sector accounted for 14%.
Notably, the report states that 27% of API-focused DDoS traffic was aimed at financial services targets, with a record-breaking 15 million requests-per-second (RPS) DDoS attack reported by Thales in the first half of 2025.
Coupon and payment fraud accounted for 26% of API attacks, and APIs now attract 44% of advanced bot traffic, which is generated by sophisticated software designed to mimic human behavior.
Criminals are shifting their tactics, no longer needing to inject malware, but instead bending business logic against organizations, with requests appearing legitimate but the impact potentially devastating.
Chang predicted that the volume and sophistication of API attacks would continue to surge in the next six months. He emphasized the importance of discovering every live endpoint, understanding its business value, and protecting it with context-aware, adaptive defenses.
Despite the alarming trends, the report did not mention any new products or services offered by Thales to combat these API threats. However, the report's findings underscore the urgent need for businesses to prioritise API security to safeguard their digital assets.
Read also:
- Quantum Computing Market in the Automotive Sector Forecast to Expand to $6,462.13 Million by 2034
- List of 2025's Billionaire Video Game Moguls Ranked by Fortune
- VinFast Accelerates Globally, Leveraging Vingroup's Technological and Financial Foundation
- Transformation of Decarbonization Objectives in the Iron Ore Pellets Sector
