An AI-generated cybersecurity report falsely linked a video conferencing startup to a Chinese spying campaign — and now there's a lawsuit over it.
MeetingTV filed suit against Palo Alto Networks and its subsidiary Koi Security after Koi's Wings analytical platform allegedly fabricated connections between MeetingTV's Zoomcorder service and a threat group called DarkSpectre. The disputed report centered on a browser extension called Twitter X Video Downloader — which, according to MeetingTV's court filing, does not exist. Koi published the report without contacting MeetingTV for comment or offering a chance to respond. After the report went live, security vendors and service providers began blocking MeetingTV's domains as malicious infrastructure.
The case cuts to a real and largely unresolved problem in the security industry: threat intelligence teams increasingly rely on automated tools to handle data at a scale no human team could manage, but the verification layer hasn't kept pace. When a wrong conclusion stays inside a vendor's internal system, the cost is a wasted analyst hour. When it goes into a published report, companies get blocklisted and reputations take damage that outlasts any correction.
Koi later removed the Zoomcorder references, and Palo Alto — which acquired Koi in April — said it stands behind Koi's research process. That defense will be tested in court. If MeetingTV's account holds up, expect renewed pressure on security vendors to treat AI-assisted findings as drafts requiring human sign-off, not conclusions ready to publish.