Sure, here’s the original investigation on its Russian origin: https://dou-ua.translate.goog/forums/topic/38748/?_x_tr_sl=uk&_x_tr_tl=en&_x_tr_hl=en-US (Dou is the ukrainian IT forum).
Note I didn’t claim anything about technical security. It’s more of an ethical issue. Even if it’s FOSS (which, as seen in the other subthread, its merely pretending to be), it’s helping russian government.
If you want to consider security — security starts with trust. And GRU/FSB will infiltrate and use any segment of supply chain it has in its reach, being less constrained with any laws than NSA. Are you sure that malicious code will be caught in time like with xz?
I switched from Kagi to Qwant because they’ll be collabing with Ecosia on their own index. Quality of results is, sadly, worse (uBlacklist helps somewhat), but I don’t want to support Kagi because they’re expanding their partnership with Yandex and funneling money to Kremlin.