Fireside Chat: AI agents are reshaping mobile attacks — and exposing weak API trust models


By Byron V. Acohido

SAN FRANCISCO — A new exposure is emerging in mobile security as AI begins to act on behalf of users — and attackers move to exploit that shift.


In a Fireside Chat at RSAC 2026, Approov CEO Ted Miracco described how mobile apps are starting to hand control to AI agents that can carry out tasks such as placing orders or accessing services. That upends a core assumption that has held since the rise of smartphones: apps, devices and backend systems were all designed with the expectation that a human is in control, making deliberate, bounded requests through the interface.

When that control shifts to an AI agent, the behavior changes. Actions can be executed faster, repeated continuously, and carried out without the natural limits of human interaction.

At the same time, attackers have quickly recognized how this shift can be manipulated — and are using AI to exploit it.

By observing legitimate interactions between a mobile app and a backend API, they can learn what a valid request looks like. Once they have that pattern, AI can replicate those requests and run them at scale, adjusting and retrying variations until they succeed.

This creates a broad, systemic exposure. Backend systems — especially APIs — are built to trust requests that appear to come from a legitimate app, with limited visibility into what is actually generating them. As a result, they can process activity that looks normal but is being driven by automated agents operating at speed and scale.

“The API was built to interact with humans. It wasn’t designed to deal with robots,” Miracco said.

That exposure cuts across industries that rely on mobile apps to access sensitive systems, from financial services to connected vehicles to healthcare. As AI-driven activity accelerates on both sides, distinguishing between legitimate and synthetic requests is becoming more difficult — and more important.

For a deeper discussion, listen to the accompanying podcast.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(Editor’s note: I used Claude and ChatGPT to assist with research compilation, source discovery, and early draft structuring. All interviews, analysis, fact-checking, and final writing are my own. I remain responsible for every claim and conclusion.)

April 1st, 2026

 


