API security

This article is based on the Imperva 2025 Malicious Robots Report, which reveals three core trends:
The New Normal of Automated Traffic: Automated traffic surpassed human traffic for the first time in 2024, accounting for 511 TP3T, of which 371 TP3T were malicious bots, and growing for six consecutive years, marking a structural change in Internet interaction patterns and a new stage in enterprise security challenges.
AI-enabled attack evolution: the proliferation of Artificial Intelligence (AI) and Large Language Models (LLMs) has significantly lowered the attack threshold, fueling the scale and sophistication of malicious automated attacks. ai is not only used to generate bots, but it also drives them to analyze, learn, and optimize escape techniques, spawning advanced bots that are more evasive, and leading to an increase in business logic attacks.
APIs Become New Focus of Attacks: With the popularity of microservices and mobile apps, APIs have become a prime target for malicious bots due to their concentrated value, relatively weak defenses, and ease of automation.44% of advanced bot traffic was directed to APIs, and the financial services and telecom industries were the most severely attacked, with data scraping, payment fraud, and account takeover being the main attack tactics.
In addition, the article analyzes in detail the resurgence of account takeover (ATO) attacks, noting their year-over-year growth of 40% in 2024, and explores the drivers of the surge in ATO attacks, the most impacted industries, and the regulatory penalties they may face. Finally, the paper proposes a multi-layered, adaptive defense-in-depth strategy, including going beyond traditional WAFs, strengthening API security, countering ATOs, building a unified security view, and continuous monitoring and threat intelligence, which is designed to help enterprises effectively counter the increasingly intelligent and scaled threat of malicious bots and protect digital assets and business continuity.

Recently, a backend API execution permission vulnerability in the historical version of enterprise WeChat privatization was discovered. An attacker can obtain address book information and application permissions by sending specific messages. Through the API with vulnerability risk, https://cncso.com/cgi- The bin/gateway/agentinfo interface can directly obtain sensitive information such as corporate WeChat secrets without authorization, which can lead to the acquisition of all corporate WeChat data, file acquisition, and the use of corporate WeChat light applications to send phishing files and links within the enterprise.