DEV Community

Discussion on: How did GraphQL become a popular way to choose what to query from an API? (Are there any other JSON/XML based implementations?)

rhymes

Simply because more research (on pentesting) is being put into it.

But GraphQL has nothing in its spec that talks about security. REST is 20 years old and sits on top of a protocol that's much older. GraphQL on top of HTTP is not inherently secure, the same way REST on top of HTTP is not either.

There's a ton of research on securing HTTP, though.