{"id":287214,"date":"2026-07-08T08:35:00","date_gmt":"2026-07-08T12:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/07\/08\/felons-fraudsters-flog-offensive-cybersecurity-startup-krebs-on-security\/"},"modified":"2026-07-08T12:05:09","modified_gmt":"2026-07-08T16:05:09","slug":"felons-fraudsters-flog-offensive-cybersecurity-startup-krebs-on-security","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/07\/08\/felons-fraudsters-flog-offensive-cybersecurity-startup-krebs-on-security\/","title":{"rendered":"Felons, Fraudsters Flog Offensive Cybersecurity Startup \u2013 Krebs on Security"},"content":{"rendered":"<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/07\/felons-fraudsters-flog-offensive-cybersecurity-startup\/\">Felons, Fraudsters Flog Offensive Cybersecurity Startup \u2013 Krebs on Security<\/a><\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/07\/felons-fraudsters-flog-offensive-cybersecurity-startup\/\">https:\/\/krebsonsecurity.com\/2026\/07\/felons-fraudsters-flog-offensive-cybersecurity-startup\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-07-08 08:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"krebsonsecurity.com\">krebsonsecurity.com<\/a><\/p>\n<p>A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names.<\/p>\n<p>The X\/Twitter account <strong>IRIS C2<\/strong> (@C2IRIS) has gained more than 4,000 followers since its creation in January 2025, posting frequently about security vulnerabilities, AI and software exploits. IRIS C2 says it is a company in McLean, Va. that sells offensive cybersecurity capabilities.<\/p>\n<p id=\"caption-attachment-73902\" class=\"wp-caption-text\">The IRIS C2 website dangles the possibility of million-dollar payouts for exploits to attract talent.<\/p>\n<p>\u201cOur business model is this,\u201d reads a pinned post on top of the IRIS C2 account on X. \u201cAttract the very best vulnerability researchers and exploit developers in the world to join our company. This mostly revolves around junior engineers with raw talent\/extremely high IQ. We don\u2019t care if they have a college degree\/industry experience.\u201d<\/p>\n<p>The website linked in that profile \u2014 <strong>irisc2[.]com<\/strong> \u2014 says the company is hiring for a number of open positions, and a recent post on its LinkedIn page enthuses about an overwhelming number of applications from potential employees. The website claims IRIS C2 is in the business of acquiring \u201czero-day exploits, individual primitives, partial chains, and full capabilities across all major platforms. Payouts range from $10,000 to $7 million depending on target, reliability, and operational value.\u201d<\/p>\n<p>The government contracting portal <strong>g2exchange.com<\/strong> reports that irisc2[.]com is operated by a business based in Virginia called <strong>Calvexa Group LLC<\/strong>. The \u201ccontact\u201d link on the website for Calvexa Group \u2014 <strong>calvexagroup[.]com<\/strong> \u2014 forwards visitors to irisc2[.]com. G2Exchange shows that while Calvexa Group LLC is registered as a federal contractor, it does not appear to be working on any direct government&#8230;<\/p>\n<p><a href=\"https:\/\/krebsonsecurity.com\/2026\/07\/felons-fraudsters-flog-offensive-cybersecurity-startup\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Felons, Fraudsters Flog Offensive Cybersecurity Startup \u2013 Krebs on Security https:\/\/krebsonsecurity.com\/2026\/07\/felons-fraudsters-flog-offensive-cybersecurity-startup\/ Publish Date: 2026-07-08 08:35:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":287215,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/krebsonsecurity.com\/wp-content\/uploads\/2026\/06\/irisc2prices.png","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24,31,27],"class_list":["post-287214","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/287214"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=287214"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/287214\/revisions"}],"predecessor-version":[{"id":287216,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/287214\/revisions\/287216"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/287215"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=287214"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=287214"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=287214"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}