July 8, 2026 28 Comments A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names. The X/Twitter account IRIS C2 (@C2IRIS) has gained more than 4,000 followers since its creation in January 2025, posting frequently about security vulnerabilities, AI and software exploits. IRIS C2 says it is a company in McLean, Va. that sells offensive cybersecurity capabilities. The IRIS C2 website dangles the possibility of million-dollar payouts for exploits to attract talent. βOur business model is this,β reads a pinned post on top of the IRIS C2 account on X.
βAttract the very best vulnerability researchers and exploit developers in the world to join our company. This mostly revolves around junior engineers with raw talent/extremely high IQ. We donβt care if they have a college degree/industry experience.β The website linked in that profile β irisc2[.]com β says the company is hiring for a number of open positions, and a recent post on its LinkedIn page enthuses about an overwhelming number of applications from potential employees. The website claims IRIS C2 is in the business of acquiring βzero-day exploits, individual primitives, partial chains, and full capabilities across all major platforms.
Source: https://krebsonsecurity.com/2026/07/felons-fraudsters-flog-offensive-cybersecurity-startup
βAttract the very best vulnerability researchers and exploit developers in the world to join our company. This mostly revolves around junior engineers with raw talent/extremely high IQ. We donβt care if they have a college degree/industry experience.β The website linked in that profile β irisc2[.]com β says the company is hiring for a number of open positions, and a recent post on its LinkedIn page enthuses about an overwhelming number of applications from potential employees. The website claims IRIS C2 is in the business of acquiring βzero-day exploits, individual primitives, partial chains, and full capabilities across all major platforms.
Source: https://krebsonsecurity.com/2026/07/felons-fraudsters-flog-offensive-cybersecurity-startup