Plan
active
Krebs: Offensive cyber startup run by convicted felons pitching zero-day buys
- Engineer — Skip
- SOC/IR — Learn: Highlights the risk of sourcing threat intel or vulnerability data from unvetted offensive security vendors; useful context when evaluating new tool or feed vendors.
- Leader — Plan: Review any vendor relationships or zero-day acquisition programs for due-diligence gaps; this case illustrates how fraudulent operators can enter the security supply chain under assumed identities.
This entry was curated and judged by AI (Claude) with automated enrichment
(CISA KEV / EPSS / public PoC). Verify against the original source before
acting. Found a bad verdict?
Report it —
confirmed errors go to the corrections log.