AI-Powered App Attacks Are Faster, More Frequent and Harder to Stop

AI, and especially agentic AI, is remodeling attack and defense throughout cybersecurity. Any distinction between emerging targets and primary targets in app security has dissolved, courtesy of bad actors’ rapid adoption of agentic AI. All apps should be considered primary targets, and security budgets should be allocated to reflect the new reality. Two areas of focus are discussed in Digital.ai’s 2026 App Security Threat Report. Firstly, the number of attacks against client-facing apps monitored by the firm has increased from 55% in 2022 to 87% in 2026. This increase is driven by the role of AI in permanently collapsing the cost and expertise required by bad actors to do so. Attackers focus on AI’s ability in reverse engineering, exploit generation, and dynamic analysis. Secondly, the traditional security gap between iOS and Android closed significantly between 2023 and 2026. “In 2023, iOS apps faced half the attack rate of Android apps. In 2026, they face 97% of it,” states the report, “and the gap that remains is closing fastest in the most sophisticated attack category.” AI’s ability to operate in both iOS and Android environments is the cause. These are related. Sectors and systems that were once difficult to attack have become easier through AI assistance. Just as AI increases the speed of development and release of new apps, it also enables the attackers to act faster. While publishing an app to the App Store or Google Play has always been considered a milestone achievement in the past, “It is now, in operational terms, a security exposure event,” suggests the report. It further notes, “One Digital.ai customer recorded a platform integrity attack on their application within one hour and fifty-six minutes of the application becoming available in the store.” The window between app publication and first hostile contact is now measured in hours, not days. Breaking down the attack instance by vertical sector further implicates the rise of AI-assisted adversarial activity. During the period 2025 to 2026 the attack rates of four verticals have converged. But what is most notable is that the rates for automotive apps and medical device apps have risen the most steeply. The AI dimension is what makes the convergence with financial services significant rather than coincidental, explains the report. Automotive apps were historically protected in part by their technical complexity – vehicle telematics protocols, custom binary formats, OEM-specific authentication flows. Reverse engineering that complexity required expertise that limited the attacker population. AI-assisted tooling has made this expertise more accessible. The steepest vertical rise is in medical device apps, which had an eight-percentage point increase in attack rates. “The verticals where attackers have had to do the most work to extract the most value are precisely the verticals where AI-assisted tooling produces the largest marginal gains. The +8 point jump is consistent with attackers discovering that medical-device connected apps offer a better return on effort than they did when reverse engineering required specialized expertise,” explains Digital.ai. The distinction between a primary target and an emerging target has dissolved. It is no longer valid to prioritize a security defense budget on what was once considered an emerging target – the use of AI makes all targets primary.  This equally applies to any concept of geographic insulation. “The honest call to action is that organizations whose AppSec posture has implicitly relied on geographic distance from the threat should make that reliance explicit, examine it, and stop relying on it,” states the report. The reason is simple. “The same AI your developers used to build your app this morning is being used to attack it this afternoon,” comments Derek Holt, CEO at Digital.ai. “That forces a question every AppSec team needs to answer: is the application built to defend itself from the moment it hits the store? Or is it waiting for the security team to notice it is being used as the entry point? In an environment where 87% of monitored apps are under attack, waiting is not a strategy. The gap between where the attacks are and where the security investment is, is no longer acceptable.” The overwhelming conclusion to be drawn from Digital.ai’s app security threat analysis is that defenders must adopt defensive agentic AI to counter the attackers’ increasingly sophisticated use of agentic AI. Bad actors always adopt new technology faster than industry. They did so in this case – they have nothing to lose in making a mistake. The result is that attack instances have risen, and are continuing to rise, at great speed. The onus is now on the defenders to develop and use their own secure agentic systems to narrow the gap between attack and defense. Related: AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours Related: Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI Related: Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’ Related: The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI WRITTEN BY Kevin Townsend Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines. More from Kevin Townsend Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’ Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware Build Application Firewalls Aim to Stop the Next Supply Chain Attack Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking AI Coding Agents Could Fuel Next Supply Chain Crisis Hacker Conversations: Joey Melo on Hacking AI Latest News Quantum Bridge Raises $8 Million for Quantum-Safe Key Distribution Solution Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass 1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials Anthropic Silently Patches Claude Code Sandbox Bypass Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack Caught Off Guard: Securing AI After It Hits Production Real-World ICS Security Tales From the Trenches Virtual Event Today: Threat Detection & Incident Response Summit Trending Virtual Event: Threat Detection And Incident Response Summit May 20, 2026 Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization. Register Webinar: Third-Party Risk In Practice June 4, 2026 Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice. Register People on the Move Tim Byrd has been appointed Chief Information Security Officer at First Citizens Bank. IRONSCALES has named Steve McKenzie as Chief Operating Officer. Silvio Pappalardo has joined AuthMind as Chief Revenue Officer. More People On The Move Expert Insights Caught Off Guard: Securing AI After It Hits Production As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode. (Joshua Goldfarb) Cyber Resilience Is The New Business Continuity Plan The organizations best prepared to face disruption are those that align security, continuity and risk management around what the business cannot afford to lose. (Steve Durbin) Enhancing Data Center Security Without Sacrificing Performance For AI data centers, where the stakes are the highest and performance constraints are the tightest, security and performance are no longer a zero-sum game. (Nadir Izrael) Is The SOC Obsolete, And We Just Haven’t Admitted It Yet? Many AI-first enterprises have already embraced sovereign architectures for general AI initiatives; cybersecurity—and the SOC—should be next. (Danelle Au) The Mythos Moment: Enterprises Must Fight Agents With Agents Only with the right platform and an agentic, AI-driven defense, will enterprises be able to protect themselves in the agentic era. (Etay Maor) Flipboard Reddit Whatsapp Email