https://www.koi.ai https://www.koi.ai/book-a-demo https://www.koi.ai/about https://www.koi.ai/privacy-policy https://www.koi.ai/cookie-policy https://www.koi.ai/terms-and-conditions https://www.koi.ai/platform https://www.koi.ai/solutions/discovery https://www.koi.ai/solutions/policies https://www.koi.ai/solutions/approve https://www.koi.ai/chat-with-us https://www.koi.ai/blog https://www.koi.ai/wall-of-koi https://www.koi.ai/you-are-invited-to-join-koi https://www.koi.ai/webinar/mcp-backdoor https://www.koi.ai/product/endpoint https://www.koi.ai/product/wings https://www.koi.ai/product/gateway https://www.koi.ai/general-roadmap-session https://www.koi.ai/hall-of-fame/koipid-challenge https://www.koi.ai/customers/cambia-health-solutions https://www.koi.ai/blog/1-6-how-we-hacked-multi-billion-dollar-companies-in-30-minutes-using-a-fake-vscode-extension https://www.koi.ai/blog/2-6-exposing-malicious-extensions-shocking-statistics-from-the-vs-code-marketplace https://www.koi.ai/blog/3-6-a-letter-to-microsoft-uncovering-design-flaws-of-visual-studio-code-extensions https://www.koi.ai/blog/4-6-introducing-extensiontotal-how-to-assess-risk-in-vs-code-extensions https://www.koi.ai/blog/4-million-browsers-infected-inside-shadypanda-7-year-malware-campaign https://www.koi.ai/blog/5-6-breaking-the-internet-the-aftermath-of-our-research https://www.koi.ai/blog/a-month-of-malware-in-the-chrome-web-store https://www.koi.ai/blog/a-wolf-in-dark-mode-the-malicious-vs-code-theme-that-fooled-millions https://www.koi.ai/blog/agreetosteal-the-first-malicious-outlook-add-in-leads-to-4-000-stolen-credentials https://www.koi.ai/blog/amazons-ai-assistant-almost-nuked-a-million-developers-production-environments https://www.koi.ai/blog/axios-compromised-a-supply-chain-attack-on-npms-most-popular-http-client https://www.koi.ai/blog/brew-hijack-serving-malware https://www.koi.ai/blog/clawhavoc-341-malicious-clawedbot-skills-found-by-the-bot-they-were-targeting https://www.koi.ai/blog/command-injection-flaw-in-framelink-figma-mcp-server-puts-nearly-1-million-downloads-at-risk https://www.koi.ai/blog/darkspectre-unmasking-the-threat-actor-behind-7-8-million-infected-browsers https://www.koi.ai/blog/embracing-a-new-domain-name-koi-ai https://www.koi.ai/blog/foxywallet-40-malicious-firefox-extensions-exposed https://www.koi.ai/blog/glassworm-first-self-propagating-worm-using-invisible-code-hits-openvsx-marketplace https://www.koi.ai/blog/glassworm-goes-mac-fresh-infrastructure-new-tricks https://www.koi.ai/blog/glassworm-goes-native-same-infrastructure-hardened-delivery https://www.koi.ai/blog/glassworm-hits-mcp-5th-wave-with-new-delivery-techniques https://www.koi.ai/blog/glassworm-returns-new-wave-openvsx-malware-expose-attacker-infrastructure https://www.koi.ai/blog/google-and-microsoft-trusted-them-2-3-million-users-installed-them-they-were-malware https://www.koi.ai/blog/greedybear-650-attack-tools-one-coordinated-campaign https://www.koi.ai/blog/how-we-prevented-cursor-windsurf-google-antigravity-from-recommending-malware https://www.koi.ai/blog/inside-ghostposter-how-a-png-icon-infected-50-000-firefox-browser-users https://www.koi.ai/blog/koi-raises-48m-to-reinvent-endpoint-security-for-the-modern-software-stack https://www.koi.ai/blog/koi-to-join-palo-alto-networks-a-defining-moment https://www.koi.ai/blog/maliciouscorgi-the-cute-looking-ai-extensions-leaking-code-from-1-5-million-developers https://www.koi.ai/blog/marketplace-takeover-how-we-couldve-taken-over-every-developer-using-a-vscode-fork-putting-millions-at-risk https://www.koi.ai/blog/mcp-malware-wave-continues-a-remote-shell-in-backdoor https://www.koi.ai/blog/mining-in-plain-sight-the-vs-code-extension-cryptojacking-campaign https://www.koi.ai/blog/npm-package-with-56k-downloads-malware-stealing-whatsapp-messages https://www.koi.ai/blog/npm-supply-chain-attack-package-poisoner https://www.koi.ai/blog/open-sesame-how-a-fail-open-bug-in-open-vsxs-new-scanner-let-malware-walk-right-in https://www.koi.ai/blog/owasp-agentic-ai-top-10-a-practical-security-guide https://www.koi.ai/blog/packagegate-6-zero-days-in-js-package-managers-but-npm-wont-act https://www.koi.ai/blog/phantomraven-npm-malware-hidden-in-invisible-dependencies https://www.koi.ai/blog/postmark-mcp-npm-malicious-backdoor-email-theft https://www.koi.ai/blog/promptjacking-the-critical-rce-in-claude-desktop-that-turn-questions-into-exploits https://www.koi.ai/blog/shadowprompt-how-any-website-could-have-hijacked-anthropic-claude-chrome-extension https://www.koi.ai/blog/spyvpn-the-vpn-that-secretly-captures-your-screen https://www.koi.ai/blog/the-vs-code-malware-that-captures-your-screen https://www.koi.ai/blog/tiger-jack-malicious-vscode-extensions-stealing-code https://www.koi.ai/blog/trust-me-im-local-chrome-extensions-mcp-and-the-sandbox-escape https://www.koi.ai/blog/trust-wallet-binance-compromised-inside-the-code-that-stole-7m-on-christmas-eve https://www.koi.ai/blog/two-years-17k-downloads-the-npm-malware-that-tried-to-gaslight-security-scanners https://www.koi.ai/blog/urban-vpn-browser-extension-ai-conversations-data-collection https://www.koi.ai/blog/vk-styles-500k-users-infected-by-chrome-extensions-that-hijack-vkontakte-accounts https://www.koi.ai/blog/vscode-extension-trivia-real-or-cake https://www.koi.ai/blog/when-anthropic-claude-becomes-a-cyber-weapon-the-ai-arms-race-has-begun https://www.koi.ai/blog/when-both-marketplaces-fall-the-cross-platform-extension-malware-campaign https://www.koi.ai/blog/when-chrome-extensions-turn-against-us-the-cyberhaven-breach-and-beyond https://www.koi.ai/blog/whitecobra-vscode-cursor-extensions-malware https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised https://www.koi.ai/incident/shai-hulud-npm-supply-chain-attack-crowdstrike-tinycolor