KOI Security

The “Styles” Trap: 500,000 VK Accounts Hijacked by Chrome Extensions VK Malicious Extensions VK Styles Campaign

VK Malicious Extensions VK Styles Campaign

The “Styles” Trap: 500,000 VK Accounts Hijacked by Chrome Extensions

Do Son February 17, 2026

A massive malware campaign targeting Russia’s largest social network, VKontakte (VK), has been uncovered, revealing that over...

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials Outlook Add-in Phishing AgreeTo Malicious Add-in

Outlook Add-in Phishing AgreeTo Malicious Add-in

Inside Job: Abandoned Outlook Add-in “AgreeTo” Steals 4,000 Credentials

Do Son February 13, 2026

In a disturbing first for enterprise security, researchers at Koi Security have uncovered a malicious Microsoft Outlook...

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets GlassWorm Wave 4, macOS Supply Chain Attack

GlassWorm Wave 4, macOS Supply Chain Attack

macOS Developers in the Crosshairs: GlassWorm’s Wave 4 Exploits VS Code to Trojanize Hardware Wallets

Do Son January 6, 2026

The resilient “GlassWorm” threat actor, known for embedding malicious code into Visual Studio Code extensions, has returned...

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies DarkSpectre, Browser Extension Espionage

DarkSpectre, Browser Extension Espionage

The Sleeper in Your Browser: How DarkSpectre Turned 8.8 Million Extensions into State-Aligned Spies

Do Son January 5, 2026

In a revelation that exposes a gaping hole in the browser extension ecosystem, Koi Security has unmasked...

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

lotusbail, npm Supply Chain Attack

“LotusBail” Trap: 56,000 Developers Downloaded a Fake WhatsApp API That Works perfectly—While Stealing Everything

Do Son December 25, 2025

A new investigation by Koi Security has exposed a highly sophisticated supply chain attack lurking in the...

VPN Betrayal: Popular “Free” Extensions Caught Siphoning 8 Million Users’ Private AI Chats Urban VPN AI Chat Harvesting, KOI Security Extension Scandal

Urban VPN AI Chat Harvesting, KOI Security Extension Scandal

VPN Betrayal: Popular “Free” Extensions Caught Siphoning 8 Million Users’ Private AI Chats

Do Son December 19, 2025

Cybersecurity firm KOI recently published a blog post revealing that the Urban VPN Proxy browser extension—whose cumulative...