10. Commercial IoT service platform security configurations
11. Platform design and forged access?
12. Guessable username and password policies for API authentication
13. Token management
14. Lack of rate limiting for API requests
15. Private identifiers used in apps domain
16. Verbose error messages
17. Firewall vs secure API-by-design
18. Malware propagation inside user plane
19. Internal node exposure
20. Broken authorization while sending downlink message
21. Access control misconfiguration
22. Script Injection
23. XSS execution
Summary of security analysis
Description:
Explore the critical security vulnerabilities in 4G and 5G mobile network APIs that enable next-generation AI, MEC, and IoT applications in this 40-minute Black Hat conference talk. Delve into practical details of these APIs and learn about the security investigation conducted on hundreds of APIs from 10 commercial providers and operators, revealing widespread critical weaknesses. Discover attack models for network exposure, commercial IoT service platform security configurations, and various security issues such as guessable username and password policies, token mismanagement, and lack of rate limiting. Examine potential threats like malware propagation, internal node exposure, and script injection. Gain insights into the importance of secure API-by-design approaches and proper access control configurations to protect mobile networks from emerging threats.
Attacks From a New Front Door in 4G & 5G Mobile Networks