Koi Security

Koi is a cybersecurity firm focused on software supply chain security and threat intelligence. The company independently tracked the Glassworm threat actor group, publishing research that corroborated the use of large language models (LLMs) to generate malicious packages targeting open-source ecosystems such as npm and PyPI.