A simple static application has fewer security concerns compared to a dynamic application that requires an internet connection. An example concern, that a developer might have with either a static or dynamic application is how to prevent non-authorized users from copying or reading the source code. This can easily be resolved by encrypting to the application content.
More security concerns appear when an internet connection is established for fetch data. This connection can put a user or application at risk. The biggest concerns, either hybrid or native development, is the data integrity. Did the data come from the originated source? Has the data been tampered with before reaching the app? This commonly known as a man in the middle attack.