Skip to main content

CYBERSTATS

Security Intelligence

HomeTopicsAPIs

APIs

Cybersecurity statistics about apis

Related Topics

API Security2Application Security1Shadow APIs1Undocumented APIs1KEV1AI-related Vulnerabilities1

Top Vendors

CyCognito35Wallarm2BreachLock2Rein Security1Endor Labs1Thales1

Showing 1-20 of 42 results

62% of security professionals are blind to shadow or undocumented APIs.

Rein Security2/22/2026
Application SecurityShadow APIs

In 2025, 43% of CISA KEV additions were API-related, making APIs the single largest exploited surface in that dataset.

Wallarm2/22/2026
API SecurityKEV

In 2025, 36% of AI-related vulnerabilities involved APIs (786 of 2,185 AI-related vulnerabilities).

Wallarm2/22/2026
AI-related VulnerabilitiesAPI Security

82% of the more than 10,000 Model Context Protocol (MCP) servers interact with sensitive APIs, creating additional vulnerabilities in 2025.

Endor Labs11/9/2025
MCP EcosystemSoftware Development

APIs in technology & SaaS providers' environments saw a 400% spike in critical vulnerabilities.

BreachLock8/11/2025
VulnerabilitiesCritical vulnerabilities

Nearly 7 in 10 retail & consumer goods organizations had APIs with misconfigured authorizations or data exposure issues. These retail & consumer goods APIs averaged 15 vulnerabilities per API.

BreachLock8/11/2025
MisconfigurationData exposure

In one analysis, media had 21% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
MediaVulnerabilities

In one analysis, energy had 18% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
EnergyVulnerabilities

In one analysis, transport had 12% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
TransportVulnerabilities

In one analysis, hospitality had 15% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
HospitalityVulnerabilities

Top 5 industries by API vulnerability: Education: 37.7%, Retail: 29.8%, Media: 18.8%, Government: 18.5%, Professional Services: 10.6%.

CyCognito7/15/2025
VulnerabilitiesEducation

In one analysis, retail had 27% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
RetailVulnerabilities

In one analysis, technology had 15% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
TechnologyVulnerabilities

In one analysis, the media sector had 18.8% vulnerable APIs.

CyCognito7/15/2025
MediaVulnerabilities

In one analysis, retail had 29.8% vulnerable APIs.

CyCognito7/15/2025
RetailVulnerabilities

In one analysis, education had 37.7% vulnerable APIs.

CyCognito7/15/2025
EducationVulnerabilities

In one analysis, telecommunications had 15% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
TelecommunicationsVulnerabilities

In one analysis, education had 31% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
EducationVulnerabilities

In one analysis, the government sector had 18.5% vulnerable APIs.

CyCognito7/15/2025
GovernmentVulnerabilities

In one analysis, finance had 5% of vulnerable assets across cloud, APIs, and web applications.

CyCognito7/15/2025
FinanceVulnerabilities