AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop

Summary

Digital.ai's 2026 App Security Threat Report reveals that agentic AI has dramatically accelerated mobile app attacks, with strike times now measured in hours rather than days. Attack rates against client-facing apps have jumped from 55% in 2022 to 87% in 2026, while the historical security gap between iOS and Android has nearly closed to 97% parity. AI-assisted reverse engineering and exploit generation have made previously difficult targets like automotive and medical device apps vulnerable, eliminating the distinction between emerging and primary targets.

Full text

AI, and especially agentic AI, is remodeling attack and defense throughout cybersecurity. Any distinction between emerging targets and primary targets in app security has dissolved, courtesy of bad actors’ rapid adoption of agentic AI. All apps should be considered primary targets, and security budgets should be allocated to reflect the new reality. Two areas of focus are discussed in Digital.ai’s 2026 App Security Threat Report. Firstly, the number of attacks against client-facing apps monitored by the firm has increased from 55% in 2022 to 87% in 2026. This increase is driven by the role of AI in permanently collapsing the cost and expertise required by bad actors to do so. Attackers focus on AI’s ability in reverse engineering, exploit generation, and dynamic analysis. Secondly, the traditional security gap between iOS and Android closed significantly between 2023 and 2026. “In 2023, iOS apps faced half the attack rate of Android apps. In 2026, they face 97% of it,” states the report, “and the gap that remains is closing fastest in the most sophisticated attack category.” AI’s ability to operate in both iOS and Android environments is the cause. These are related. Sectors and systems that were once difficult to attack have become easier through AI assistance.Advertisement. Scroll to continue reading. Just as AI increases the speed of development and release of new apps, it also enables the attackers to act faster. While publishing an app to the App Store or Google Play has always been considered a milestone achievement in the past, “It is now, in operational terms, a security exposure event,” suggests the report. It further notes, “One Digital.ai customer recorded a platform integrity attack on their application within one hour and fifty-six minutes of the application becoming available in the store.” The window between app publication and first hostile contact is now measured in hours, not days. Breaking down the attack instance by vertical sector further implicates the rise of AI-assisted adversarial activity. During the period 2025 to 2026 the attack rates of four verticals have converged. But what is most notable is that the rates for automotive apps and medical device apps have risen the most steeply. The AI dimension is what makes the convergence with financial services significant rather than coincidental, explains the report. Automotive apps were historically protected in part by their technical complexity – vehicle telematics protocols, custom binary formats, OEM-specific authentication flows. Reverse engineering that complexity required expertise that limited the attacker population. AI-assisted tooling has made this expertise more accessible. The steepest vertical rise is in medical device apps, which had an eight-percentage point increase in attack rates. “The verticals where attackers have had to do the most work to extract the most value are precisely the verticals where AI-assisted tooling produces the largest marginal gains. The +8 point jump is consistent with attackers discovering that medical-device connected apps offer a better return on effort than they did when reverse engineering required specialized expertise,” explains Digital.ai. The distinction between a primary target and an emerging target has dissolved. It is no longer valid to prioritize a security defense budget on what was once considered an emerging target – the use of AI makes all targets primary. This equally applies to any concept of geographic insulation. “The honest call to action is that organizations whose AppSec posture has implicitly relied on geographic distance from the threat should make that reliance explicit, examine it, and stop relying on it,” states the report. The reason is simple. “The same AI your developers used to build your app this morning is being used to attack it this afternoon,” comments Derek Holt, CEO at Digital.ai. “That forces a question every AppSec team needs to answer: is the application built to defend itself from the moment it hits the store? Or is it waiting for the security team to notice it is being used as the entry point? In an environment where 87% of monitored apps are under attack, waiting is not a strategy. The gap between where the attacks are and where the security investment is, is no longer acceptable.” The overwhelming conclusion to be drawn from Digital.ai’s app security threat analysis is that defenders must adopt defensive agentic AI to counter the attackers’ increasingly sophisticated use of agentic AI. Bad actors always adopt new technology faster than industry. They did so in this case – they have nothing to lose in making a mistake. The result is that attack instances have risen, and are continuing to rise, at great speed. The onus is now on the defenders to develop and use their own secure agentic systems to narrow the gap between attack and defense. Related: AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours Related: Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI Related: Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’ Related: The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI Written By Kevin Townsend Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines. Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Kevin Townsend New Edamame Platform Aims to Catch AI Coding Agents Going Off the RailsThe Credential Crisis: How Stolen Credentials Defeat Modern Security‘SymJack’ Attack Turns AI Coding Agents Into Supply Chain Attack Delivery SystemsAppOmni’s Marlin AI Brings Autonomous Investigation to SaaS SecurityOpen Source DockSec Uses AI to Cut Through Vulnerability Noise in Docker ImagesSupply Chain Security Crisis: Too Many Vulnerabilities, Too Little Visibility1Password Teams With OpenAI to Stop AI Coding Agents From Leaking CredentialsLegacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks Latest News In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain AttacksCharter Communications Data Breach Could Impact Nearly 5 MillionMokN Raises $15 Million for Phish-Back PlatformGogs Zero-Day Exposes Servers to Remote Code ExecutionCalifornia Sues 23andMe, Alleging It Failed to Protect User Data in 2023 BreachChrome 148 Update Patches 151 VulnerabilitiesRussia-Linked ‘GreyVibe’ Attackers Use AI to Supercharge CyberattacksGeordie Raises $30 Million for AI Security and Governance Platform Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Virtual Event: Threat Detection and Incident Response Summit On-Demand Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register Webinar: Third-Party Risk in Practice June 4, 2026 Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice. Register People on the MoveAnurag Jain has been appointed Senior Vice President of Engineering at CodeHunterCTERA has appointed Tal Sarfaty as Senior Vice President of Cybersecurity.Quantum Secure Encryption has named Michael Massing as Chief Technology Officer.More People On The MoveExpert Insights R

Entities