From BFSI to retail, Indian enterprises grapple with unprecedented cyber onslaught in 2025

India witnessed an alarming surge in cyber threats in the first half of 2025, with Indusface reporting that its AppTrana WAAP platform blocked over 4.26 billion attacks. This marks a 15% increase compared to the same period in 2024, with each enterprise website facing an average of 4.1 million attacks. The findings from the company’s State of Application Security – India H1 2025 Report underline the rising intensity and sophistication of threats, as attackers increasingly move from high-volume disruption to precision exploits, often weaponizing zero-day vulnerabilities within days of discovery.

APIs have emerged as the most critical attack surface, recording a 126% rise in targeted incidents and totalling more than 1.36 billion attacks during the period. API vulnerability exploitation surged 13 times year-on-year, while DDoS incidents against API hosts jumped 388% per site. In comparison, website attacks rose by 11%, with vulnerability exploits up ...