AI, and especially agentic AI, is remodeling attack and defense throughout cybersecurity.
Any distinction between emerging targets and primary targets in app security has dissolved, courtesy of bad actors’ rapid adoption of agentic AI. All apps should be considered primary targets, and security budgets should be allocated to reflect the new reality.
Two areas of focus are discussed in Digital.ai’s 2026 App Security Threat Report.
Firstly, the number of attacks against client-facing apps monitored by the firm has increased from 55% in 2022 to 87% in 2026. This increase is driven by the role of AI in permanently collapsing the cost and expertise required by bad actors to do so. Attackers focus on AI’s ability in reverse engineering, exploit generation, and dynamic analysis.
Secondly, the traditional security gap between iOS and Android closed significantly between 2023 and 2026. “In 2023, iOS apps faced half the attack rate of Android apps. In 2026, they face 97% of it,” states the report, “and the gap that remains is closing fastest in the most sophisticated attack category.” AI’s ability to operate in both iOS and Android environments is the cause.
These are related. Sectors and systems that were once difficult to attack have become easier through AI assistance.
Just as AI increases the speed of development and release of new apps, it also enables the attackers to act faster. While publishing an app to the App Store or Google Play has always been considered a milestone achievement in the past, “It is now, in operational terms, a security exposure event,” suggests the report.
It further notes, “One Digital.ai customer recorded a platform integrity attack on their application within one hour and fifty-six minutes of the application becoming available in the store.” The window between app publication and first hostile contact is now measured in hours, not days.
Breaking down the attack instance by vertical sector further implicates the rise of AI-assisted adversarial activity. During the period 2025 to 2026 the attack rates of four verticals have converged. But what is most notable is that the rates for automotive apps and medical device apps have risen the most steeply.
The AI dimension is what makes the convergence with financial services significant rather than coincidental, explains the report. Automotive apps were historically protected in part by their technical complexity – vehicle telematics protocols, custom binary formats, OEM-specific authentication flows. Reverse engineering that complexity required expertise that limited the attacker population. AI-assisted tooling has made this expertise more accessible.
The steepest vertical rise is in medical device apps, which had an eight-percentage point increase in attack rates. “The verticals where attackers have had to do the most work to extract the most value are precisely the verticals where AI-assisted tooling produces the largest marginal gains. The +8 point jump is consistent with attackers discovering that medical-device connected apps offer a better return on effort than they did when reverse engineering required specialized expertise,” explains Digital.ai.
The distinction between a primary target and an emerging target has dissolved. It is no longer valid to prioritize a security defense budget on what was once considered an emerging target – the use of AI makes all targets primary.
This equally applies to any concept of geographic insulation. “The honest call to action is that organizations whose AppSec posture has implicitly relied on geographic distance from the threat should make that reliance explicit, examine it, and stop relying on it,” states the report.
The reason is simple. “The same AI your developers used to build your app this morning is being used to attack it this afternoon,” comments Derek Holt, CEO at Digital.ai. “That forces a question every AppSec team needs to answer: is the application built to defend itself from the moment it hits the store? Or is it waiting for the security team to notice it is being used as the entry point? In an environment where 87% of monitored apps are under attack, waiting is not a strategy. The gap between where the attacks are and where the security investment is, is no longer acceptable.”
The overwhelming conclusion to be drawn from Digital.ai’s app security threat analysis is that defenders must adopt defensive agentic AI to counter the attackers’ increasingly sophisticated use of agentic AI. Bad actors always adopt new technology faster than industry. They did so in this case – they have nothing to lose in making a mistake. The result is that attack instances have risen, and are continuing to rise, at great speed. The onus is now on the defenders to develop and use their own secure agentic systems to narrow the gap between attack and defense.
Related: AI Fuels ‘Industrial’ Cybercrime as Time-to-Exploit Shrinks to Hours
Related: Cyber Insights 2026: Quantum Computing and the Potential Synergy With Advanced AI
Related: Sweet Security Launches Agentic AI Red Teaming to Counter ‘Mythos Moment’
Related: The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI
