Embracing a New Domain Name: koi.ai 🪩
Read our blog post

Filter by

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Koi Research

Google and Microsoft Trusted Them. 2.3 Million Users Installed Them. They Were Malware.

Idan Dardikman

,

,

July 8, 2025

Koi Research

When Both Marketplaces Fall: The Cross-Platform Extension Malware Campaign

Amit Assaraf

,

,

July 2, 2025

Koi Research

FoxyWallet: 40+ Malicious Firefox Extensions Exposed

Yuval Ronen

,

,

July 2, 2025

Koi Research

Marketplace Takeover: How We Could’ve Taken Over Every Developer Using a VSCode Fork; Putting Millions at Risk

Oren Yomtov

,

,

June 26, 2025

Security Insights

Trust Me, I’m Local: Chrome Extensions, MCP, and the Sandbox Escape

Yuval Ronen

,

,

April 24, 2025

Koi Research

Mining in Plain Sight: The VS Code Extension Cryptojacking Campaign

Yuval Ronen

,

,

April 7, 2025

Security Insights

A Month Of Malware In The Chrome Web Store

Amit Assaraf

,

,

April 3, 2025

Koi Research

A Wolf in Dark Mode: The Malicious VS Code Theme That Fooled Millions

Amit Assaraf

,

Idan Dardikman

,

Oren Yomtov

February 26, 2025

Security Insights

When Chrome Extensions Turn Against Us: The Cyberhaven Breach and Beyond

Amit Assaraf

,

,

December 30, 2024

Koi Research
Security Insights

Live Updates: Shai-Hulud, The Most Dangerous NPM Breach In History Affecting CrowdStrike and Hundreds of Popular Packages

Idan Dardikman

,

Yuval Ronen

,

September 16, 2025