Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Can you ever imagine the impact on your business if it went offline on Black Friday or Cyber Monday due to a cyberattack? Black Friday is the biggest day in the retail calendar. It’s also the riskiest. As you gear up for huge surges in online traffic, ask yourself: have you protected the APIs on which the business runs?

Earlier this month, Microsoft uncovered SesameOp, a new backdoor malware that abuses the OpenAI Assistants API as a covert command-and-control (C2) channel. The discovery has drawn significant attention within the cybersecurity community. Security teams can no longer focus solely on endpoint malware. Attackers are weaponizing public and legitimate AI assistant APIs and defenders must adjust.

Over the past few years, API security has gone from a relatively niche concern to a headline issue. A slew of high-profile breaches and compliance mandates like PCI DSS 4.0 have woken security teams up to the reality that APIs are the front door to their data, infrastructure, and revenue streams. OWASP recently published its first-ever Business Logic Abuse Top 10 List; a clear indication that the industry is taking API security and all its nuances seriously.

Wallarm’s latest Q3 2025 API ThreatStats report reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business logic flaws, from web apps to partner integrations, and from REST to AI-powered APIs. Here’s what stood out this quarter, and what security leaders should do about it.

As Cybersecurity Awareness Month continues, we wanted to dive even deeper into the attack methods affecting APIs. We’ve already reviewed Broken Object Level Authentication (BOLA), injection attacks, and authentication flaws; this week, we’re exploring business logic abuse (BLA). Unlike technical flaws, business logic flaws exploit how an API is designed to behave.

What can we learn from the recent AWS outage, and how can we apply those lessons to our own infrastructure?

API security has never been more important because modern APIs are operational necessities. Unfortunately, many organizations are failing to adapt their security models to a rapidly changing API threat landscape. Like it or not, we live in an AI-first world, and API security must reflect that reality. The Postman 2025 State of API Report is confirmation of that fact.

Authentication issues seem like low-level attacks. But authentication today – especially API authentication – can be more difficult than people expect. Companies rely on APIs to carry sensitive information every day. If access to those APIs is not properly secured, all the sophisticated security solutions companies use to protect their data elsewhere are completely undermined.

2025 has been one of Wallarm’s biggest years yet. In the last few months alone, we unveiled our industry-first API Revenue Protection capability, launched our next-gen Security Edge offering, were included in the 2025 Inc. 5000 list of fastest-growing private companies in America, and announced our $55M Series C funding round. This October, we’re proud to see our dedication and our customers’ confidence recognized.

Injection attacks are among the oldest tricks in the attacker playbook. And yet they persist. The problem is that the core weakness, trusting user inputs too much, keeps resurfacing in new forms. As organizations have shifted to API-driven architectures and integrated AI systems that consume unstructured input, the attack surface has expanded dramatically.