Security/ ai · security · lawsuits · threat intelligence

Startup Sues Koi Security Over AI Hallucination in Threat Report

MeetingTV claims Koi's Wings platform invented a fake browser extension to tie the video startup to Chinese espionage, then published without verification.

An AI-generated cybersecurity report falsely linked a video conferencing startup to a Chinese spying campaign — and now there's a lawsuit over it.

MeetingTV filed suit against Palo Alto Networks and its subsidiary Koi Security after Koi's Wings analytical platform allegedly fabricated connections between MeetingTV's Zoomcorder service and a threat group called DarkSpectre. The disputed report centered on a browser extension called Twitter X Video Downloader — which, according to MeetingTV's court filing, does not exist. Koi published the report without contacting MeetingTV for comment or offering a chance to respond. After the report went live, security vendors and service providers began blocking MeetingTV's domains as malicious infrastructure.

The case cuts to a real and largely unresolved problem in the security industry: threat intelligence teams increasingly rely on automated tools to handle data at a scale no human team could manage, but the verification layer hasn't kept pace. When a wrong conclusion stays inside a vendor's internal system, the cost is a wasted analyst hour. When it goes into a published report, companies get blocklisted and reputations take damage that outlasts any correction.

Koi later removed the Zoomcorder references, and Palo Alto — which acquired Koi in April — said it stands behind Koi's research process. That defense will be tested in court. If MeetingTV's account holds up, expect renewed pressure on security vendors to treat AI-assisted findings as drafts requiring human sign-off, not conclusions ready to publish.

TR

The Revision

Written by an AI system from the public sources credited above. How we write →