Everyone said AI would kill apps. Instead, new app launches are soaring.

According to a new analysis from market intelligence provider Appfigures, worldwide app releases in the first quarter of 2026 were up 60% year-over-year across both Apple’s App Store and Google Play. That percentage was an even higher 80% when looking at the iOS App Store alone. In April 2026 so far, the total number of app releases is up 104% across both stores compared to the same time last year, and up 89% on iOS.

As Apple’s Senior Vice President of Worldwide Marketing, Greg “Joz” Joswiak, quipped In a recent interview: rumors of the App Store’s death in the AI age “may have been greatly exaggerated.”

These findings come amid concerns that the rise of AI chatbots and agents would ultimately see users turning away from apps — a theory that’s already being floated by those in the industry, like Nothing CEO Carl Pei, who is focused on building a smartphone for the AI era. The New York Times also reported last year on the potential for new computing platforms to eclipse the smartphone, like smart glasses, ambient computing devices, or reimagined smartwatches with AI features.

OpenAI is even working on an AI hardware device with famed Apple designer Jony Ive.

But there’s another possibility, too: AI will make it easier for anyone to create apps, driving a rebirth of the App Store. The new app gold rush could be led by creators who have ideas but not the technical skills to design mobile software.

Appfigures’ data indicates that certain categories of apps are seeing more new releases than others.

Mobile games still account for most of the new app releases worldwide as of Q1 2026, as they have in prior years. But “productivity” apps have moved into the top five this year. The “utilities” category has also moved up to the number two slot, and the “lifestyle” apps category moved up from the No. 5 slot last year to now No. 3. Finally, “health and fitness”-style applications rounded out the top five categories.

The working hypothesis here is that AI-powered tools, like Claude Code or Replit, could be behind the surge of new launches. It also seems possible that we’re hitting some sort of tipping point in terms of AI usability, where it’s easy enough for people to leverage these tools to build their own desired mobile apps more quickly — or even build their first apps ever.

The explosion of new apps for Apple to review could also be behind some of the tech giant’s recent missteps. This week, Apple pulled the rewards app Freecash from the App Store for rules violations, after letting the app climb the store’s Top Charts and sit in the top five for months. Apple was also caught off guard by a malicious cryptocurrency app, a clone of Ledger Live, that drained $9.5 million in crypto from victims’ accounts.

While high-profile problems like this can generate bad PR for the App Store, the company still does a lot of heavy lifting in terms of blocking and rejecting dangerous or spammy apps. Apple’s most recent analysis from 2024 said the company had removed or rejected more than 17,000 apps for bait-and-switch violations that year; rejected more than 320,000 app submissions that were found to be spam, copying other apps, or misleading; and took action to prevent more than 37,000 potentially fraudulent apps from reaching users on the App Store.

Still, Apple pundits like John Gruber have long argued that the App Store needs a “bunco squad” of sorts that watches for scammy or fraudulent apps that are gaining in popularity or high-grossing.

If AI-assisted vibe coding turns out to be behind the recent surge of app releases, that need will only grow as more new apps flood the marketplace, not all of which will be benign.

Nigeria’s data protection regulator says it has launched an investigation into a suspected compromise of the country’s corporate registry systems, raising fresh concerns about the resilience of critical digital infrastructure underpinning business operations.

The Nigeria Data Protection Commission says it is probing an alleged data breach at the Corporate Affairs Commission, signalling what could be one of the most consequential cybersecurity incidents affecting Nigeria’s corporate database ecosystem.

In a statement issued on April 17, 2026, Babatunde Bamigboye, Head, Legal, Enforcement & Regulations at NDPC confirms that the agency has “initiated an investigation into the reported data breach at the Corporate Affairs Commission (CAC)” pursuant to Section 46(3) of the Nigeria Data Protection Act, 2023.

The data protection regulator says the probe is part of broader efforts to maintain confidence in Nigeria’s digital economy, stating that the investigation “underscores the importance of fostering trust in Nigeria’s economic environment.”

The Nigeria Data Protection Commission says it is probing an alleged data breach at the Corporate Affairs Commission, signalling what could be one of the most consequential cybersecurity incidents affecting Nigeria’s corporate database ecosystem.

NDPC flags sophisticated cyber threats

The Commission’s disclosure points to increasingly advanced cyber threats targeting national data systems, with the regulator warning that malicious actors are deploying complex methods to breach sensitive infrastructure.

According to the NDPC, “threat actors in the digital space have devised malicious methods of compromising the data security architecture of key databases,” adding that such attacks now involve “large-scale data exfiltration and cross-platform compromise across interconnected systems.”

This suggests that the alleged breach at CAC may not be an isolated incident but part of a broader pattern of coordinated cyber operations targeting critical data repositories across Nigeria.

The Commission stops short of detailing the scale or impact of the breach at CAC but indicates that the investigation will be comprehensive and technically rigorous.

The NDPC outlines a multi-layered investigative approach that will scrutinise key components of CAC’s data protection architecture.

It says the investigation will “cover the procedures and outcomes of Access Control Mechanisms, Data Privacy Impact Assessments, Vulnerability Assessment and Penetration Testing (VAPT), as well as due diligence on third-party data processors.”

This scope reflects a deep-dive into both internal controls and external dependencies, particularly the role of third-party processors, which are often a weak link in complex data ecosystems.

The Commission also signals that enforcement and remediation will be coordinated across institutions, noting that the National Commissioner/CEO, Vincent Olatunji, has “directed the Commission’s technical team to immediately interface with relevant authorities and pivotal organisations, with a view to reinforcing existing guardrails for the processing of personal data.”

Despite the seriousness of the probe, the NDPC seeks to reassure the public about the overall integrity of Nigeria’s data protection framework.

“The NDPC assures members of the general public that frameworks for data protection, in terms of technology and other requisite resources in Nigeria, remain fundamentally strong,” the Commission says.

It adds that this strength is “evident in the increasing rate of access to data-driven services,” suggesting that digital adoption trends remain robust despite emerging risks.

The regulator sees its intervention as part of ongoing efforts to sustain trust and investment, stating that its actions are “necessary regulatory actions geared towards sustaining public trust in these services and bolstering continuous investment in Nigeria’s digital economy.”

NDPC advisory highlights escalating national risk

The CAC investigation follows closely on the heels of a broader regulatory advisory issued by the NDPC on Thursday, warning of escalating threats to Nigeria’s data security architecture.

In that advisory, the Commission states that its “technical assessment indicates that some shadowy threat actors have engaged in coordinated operations targeting financial systems and some key digital infrastructure in Nigeria.”

The language underscores a systemic risk environment in which multiple sectors, including financial services and government databases, are increasingly exposed to sophisticated cyber threats.

The NDPC highlights the advisory as a directive to all data controllers and processors, stating that it is issued “in response to the escalating threat to data security infrastructure.”

Presidential directive reinforces data protection urgency

The Commission anchors its advisory in national policy, referencing a directive by President Bola Ahmed Tinubu that elevates data governance as a strategic priority.

Quoting the President, the NDPC recalls the declaration that “Data is the new oil, its value increases the more it is refined and responsibly shared.”

The directive further mandates public sector compliance, with the President stating: “I therefore direct all Ministries, Extra-Ministerial Departments and Agencies to capture information rigorously and safeguard it under the Nigeria Data Protection Act 2023.”

This policy framing reinforces the significance of the CAC probe, positioning it within a broader national agenda to secure data as a critical economic asset.

In response to the heightened threat landscape, the NDPC is calling for immediate action across both public and private sector organisations.

The Commission “strongly advises that data controllers and processors (including MDAs) are to urgently step-up their technical and organisational measures to ensure the privacy of all Nigerians and other data subjects in line with the Nigeria Protection Act, 2023 (NDP Act).”

This directive signals a shift from advisory to expectation, with regulators emphasising proactive compliance rather than reactive remediation.

The directive further mandates public sector compliance, with the President stating: “I therefore direct all Ministries, Extra-Ministerial Departments and Agencies to capture information rigorously and safeguard it under the Nigeria Data Protection Act 2023.”

Detailed compliance measures outlined

The NDPC provides an extensive checklist of measures that organisations are expected to implement to strengthen their data protection posture.

These include the “appointment of duly trained and certified Data Protection Officers” and the “development and effectual implementation of Privacy Policies and information security standards.”

Organisations are also required to undertake “Data Privacy Impact Assessments” and deploy “robust identity and access controls, including Multi-Factor Authentication (MFA).”

The Commission further emphasises modern security architectures, calling for the “implementation of zero-trust security architecture and network segmentation,” alongside “immediate remediation of identified system vulnerabilities and continuous patch management.”

Additional measures focus on securing digital infrastructure, including “cloud infrastructure, APIs, databases, and access credentials,” as well as implementing “real-time monitoring, logging, and threat detection mechanisms.”

The advisory also highlights the importance of cryptographic controls, recommending the “implementation of encryption, key management, and secure credential handling.”

To ensure system resilience, organisations are instructed to conduct “Vulnerability Assessment and Penetration Testing (VAPT) on critical systems” and maintain “regular backup, recovery, and resilience testing.”

The NDPC makes clear that compliance is not optional, warning that failure to implement required measures could attract legal consequences.

“Organisations that fail or neglect to implement appropriate measures as required under the Nigeria Data Protection Act, 2023 may incur legal liabilities,” the Commission states.

At the same time, it offers support for compliance efforts, noting that it “is prepared to provide requisite regulatory support to organisations in order to ensure adequate level of data privacy and protection.”

The regulator reiterates its institutional mandate, stating that it “remains committed to protecting personal data, strengthening institutional resilience, and ensuring compliance across all sectors.”

CAC breach probe signals broader systemic implications

The convergence of the CAC investigation and the national advisory highlights a critical moment for Nigeria’s digital governance framework.

The alleged breach at the Corporate Affairs Commission is significant not only because of the volume and sensitivity of corporate data involved, but also because of its central role in Nigeria’s business ecosystem.

As the official repository of company registrations and corporate records, CAC’s database underpins business identity, compliance, and transactional trust across sectors.

A compromise of such infrastructure, if confirmed, could have ripple effects across:

* corporate governance systems

* financial services verification processes

* investor confidence

* regulatory compliance frameworks

“Organisations that fail or neglect to implement appropriate measures as required under the Nigeria Data Protection Act, 2023 may incur legal liabilities,” the Commission states.

Data-driven economy faces trust test

The NDPC’s actions suggest that Nigeria’s transition to a data-driven economy is entering a phase where security and trust are becoming as critical as access and innovation.

While the Commission maintains that existing frameworks are “fundamentally strong,” the dual issuance of a breach investigation and a national advisory indicates that regulators are responding to heightened threat intensity and systemic exposure.

The CAC probe, therefore, is more than an isolated enforcement action, it is a stress test of Nigeria’s data protection architecture.

With the investigation underway, stakeholders across government and industry are likely to face increased scrutiny regarding their data governance practices.

The NDPC’s emphasis on areas such as:

* access control mechanisms

* third-party processor due diligence

* vulnerability testing

signals where regulatory focus will be concentrated in the coming months.

Organisations operating critical data systems may need to reassess their compliance posture in light of the Commission’s detailed advisory and enforcement stance.