Given their nature, APIs are likely to continue to be responsible for a wide range of cyber attacks, such as those described in the whitepaper below.

By their definition, APIs provide an interface between often complex software, and un-trusted users or applications.

Complex software, such as enterprise mobile device management platforms, provide continually evolving attack surfaces that can be compromised, either through ingenious means by determined state-level attackers, or through trivial scripts where organisations are slow to patch published vulnerabilities. 

Such attacks often result in management or security platforms that are designed to defend organisations, becoming themselves a key component of a cyber attack.