:

CYBERSECURITY STARTUP RUN BY CONVICTED FELONS

SECURITY DESK1 MIN READ
WED, JUL 8, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

A vulnerability acquisition startup offering millions for zero-day exploits is operated by convicted felons with ties to far-right conspiracy theories, according to reports. The founders previously ran fake intelligence companies and an AI lobbying platform under assumed identities.

The startup sources security vulnerabilities in widely-used software, a practice that exists in a gray area of the cybersecurity industry. However, the backgrounds of its operators raise significant concerns about how acquired vulnerabilities might be used. The founders' prior ventures operated under false identities and included entities misrepresenting themselves as intelligence agencies. Their involvement in conspiracy theory circles adds another layer of scrutiny to the operation. Zero-day vulnerability markets have drawn regulatory attention in recent years, with policymakers debating whether such transactions should be restricted or regulated. The U.S. government has expressed concerns about exploits potentially reaching malicious actors. The startup's operational status and any regulatory response remain unclear at this time.

■ SOURCES

Krebs on Security

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

Iran leveraged known vulnerabilities in mobile networks to identify and target U.S. military personnel in the Middle East during the buildup to and early stages of armed conflict.

JUST NOWIndustry Desk

Security researchers can now validate system vulnerabilities by analyzing attack techniques rather than launching live exploits. This approach eliminates risks to critical infrastructure while still determining exploitability.

JUST NOWSecurity Desk

A new study reveals that YouTube and X are inadvertently functioning as gateways to nonconsensual deepfake pornography services. These platforms contain content directing users to sites where sexually explicit deepfakes can be created for as little as $1 per image.

JUST NOWIndustry Desk

SAP released security updates for 16 vulnerabilities in July 2026, including three critical flaws affecting NetWeaver, Commerce Cloud, and AppRouter. The patches address risks across multiple enterprise software components.

4H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.