Security

Startup Sues Cybersecurity Firm Over AI Misidentification

MeetingTV alleges Koi Security's AI system wrongly flagged it as part of Chinese espionage network, triggering global service blocks.

Omega Editorial· July 5, 2026· 3 min read

Lawsuit alleges AI error destroyed legitimate business

A U.S. startup has filed a federal lawsuit claiming an artificial intelligence system used by a cybersecurity firm mistakenly identified it as part of a Chinese state-linked espionage network, causing what it describes as catastrophic damage to its operations.

MeetingTV filed suit in March in federal court in Southern California against Koi Security and its four Israeli founders: Amit Assaraf, Idan Dardikman, Tuval Admoni, and Gal Hachamov. The complaint was later amended in May 2026 to include Palo Alto Networks, which acquired Koi in April for hundreds of millions of dollars, according to details first reported by Calcalistech.

The disputed threat intelligence report

The legal dispute centers on a December 2025 threat intelligence report published by Koi Security titled "DarkSpectre: Unmasking the Threat Actor Behind 8.8 Million Infected Browsers." The report examined cyber infrastructure allegedly connected to a Chinese state-directed attack group.

Koi included MeetingTV's domain in the report's IOC (Indicators of Compromise) list, effectively marking the company as part of hostile infrastructure. MeetingTV contends this classification was fundamentally incorrect and resulted from an erroneous output by Koi's proprietary AI system called "Wings," rather than traditional forensic investigation. The complaint alleges Koi published the findings without adequate human verification.

Once the report circulated within the cybersecurity community, security vendors, enterprise firewalls, and defense contractors worldwide began automatically blocking traffic to MeetingTV's website and application. The company claims this resulted in a collapse of online visibility, operational disruption, and severe revenue and reputation damage.

Koi Security later updated its report, clarifying that subsequent review found no evidence linking MeetingTV's domain to Chinese malicious activity. However, MeetingTV argues the correction came too late to prevent substantial harm.

Why it matters

This case highlights the growing tension between rapid AI-assisted threat intelligence and the potential for automated systems to cause real-world business damage through misclassification. As cybersecurity firms increasingly deploy AI to identify threats at scale, the lawsuit raises questions about liability when algorithmic errors affect legitimate companies and whether existing legal frameworks adequately address AI-generated intelligence failures.

Defense argues research protection

Palo Alto Networks and Koi Security deny the allegations. In a motion to dismiss filed last week, Palo Alto argues the report constituted broad cybersecurity intelligence analysis, not a direct accusation of criminal conduct against MeetingTV.

The company contends cybersecurity researchers require protection from defamation claims for good-faith analytical errors involving matters of public interest. "The speech at issue, the results of extensive research into cybersecurity threat actors, goes to the heart of an important public issue: safety and security online," Palo Alto stated in its filing.

The company characterized the report as safety research published on a publicly accessible blog without a paywall, identifying IOCs tied to malware campaigns affecting enterprise users globally.

The case details were first reported by Calcalistech.

#ai hallucination#cybersecurity#threat intelligence#palo alto networks#liability#misidentification

This is an original analysis by the Omega editorial team. Source reporting: AI Watch.

Want systems like this working for your business?

Book a Call

More in Security

Security· 3 min read

Meta Hired Contractors to Pose as Teens, Probe Rival AI Models

A secretive program sent nearly 50,000 disturbing prompts to ChatGPT, Gemini, and Character.AI without the companies' knowledge.

Via AI Watch · Jul 4, 2026
Security· 3 min read

AI Agent Executes First Fully Autonomous Ransomware Attack

Security researchers document an LLM-driven extortion operation that broke into systems, stole credentials, and encrypted data without human intervention.

Via AI Watch · Jul 3, 2026
Security· 3 min read

AWS Bedrock Detects AI-Generated Phishing Through Behavioral Analysis

Amazon's foundation model service adds contextual threat detection to catch sophisticated phishing that traditional filters miss.

Via AI Watch · Jul 2, 2026