They're successfully bypassing the secure element throttling on 2nd through 5th generation Pixels. Titan M2 has held up so well that it appears they didn't have a working exploit for it at any point, so they can't even brute force a random 6 digit PIN on a Pixel 6 with the initial release of the OS shipping with the device. They're likely only trying to attack the latest firmware version, so unless they succeed at some point they won't end up with the capability even for older devices. It would be a waste of their resources to develop exploits which only work against older OS/firmware versions. These companies are likely quite unhappy with the recent improvements we got done upstream for Pixel firmware in the April release but they still haven't added enough OS level hardening to defeat their reliable AFU OS exploits even temporarily. You can see the latest iOS has made changes which require them to make adjustments, which they'll likely get done pretty quickly, but they appear to have an easier time stock Pixel OS.
GrapheneOS does far more hardening than iOS against these attacks so the results make sense. We also have auto-reboot so even if they do develop a successful exploit, their window of opportunity to use it to get data from user profiles is 18 hours from when it was locked, or significantly less if users lowered the value which can go as low as 10 minutes. Our new USB-C port control feature is also a really big deal for this. We became aware of them specifically targeting GrapheneOS and have been focusing on improving things as much as we can as one of our highest priorities. Duress PIN/password was delayed since we focused on anti-exploitation approaches benefiting everyone first, but it'll ship soon, as will the 2-factor fingerprint unlock feature which surprisingly is close to done due to a new contributor we plan to hire.