Italian company Bending Spoons flew largely under the radar — until last month. In a span of 48 hours, the company announced the acquisition of AOL and a massive $270 million raise, quadrupling its valuation to $11 billion, up from $2.55 billion set in early 2024.
Bending Spoons has grown rapidly by acquiring stagnating tech brands like Evernote, Meetup, and Vimeo, then turning them profitable through aggressive cost-cutting and price increases. While the company’s approach is similar to private equity, there is one key difference: Bending Spoons has no plans to sell these businesses.
Andrew Dumont, the founder and CEO of Curious, a firm that also acquires and revitalizes what he calls “venture zombies,” is convinced this “hold forever” strategy will become increasingly prominent in the coming years as AI-native startups make older VC-backed software businesses less relevant.
“Our belief is that the venture power law, in which 80% of companies ‘fail,’ produces many great businesses, even if they’re not unicorns,” Dumont told TechCrunch.
Dumont defines a “great business” as one that can be purchased at a low price and quickly revived to generate substantial cash flows. This “buy, fix, and hold” strategy is the playbook for a growing number of investors, from the 30-year-old Constellation Software, which pioneered the model, to newer players, including Bending Spoons, Tiny, SaaS.group, Arising Ventures, and Calm Capital, according to Dumont.
“Our whole model is to buy these companies, make them profitable, and use those earnings to grow the business,” Dumont said.
In 2023, Curious raised $16 million in dedicated capital for buying software companies that have stalled and can no longer secure follow-on investment.
Techcrunch event
San Francisco
|
October 13-15, 2026
Since then, the firm has bought five businesses, including UserVoice, a 17-year-old startup that raised $9 million in VC funding from Betaworks and SV Angel.
“It’s a great business, but the cap table wasn’t aligned with keeping it. These funds get old, and these companies just sit there,” Dumont said. “We provide liquidity and also reset these companies for profitability.”
Although Dumont didn’t disclose how much he paid for UserVoice, he said that stagnant companies sell for a fraction of the valuation commanded by healthy SaaS startups, which typically sell for 4x annual revenue or more. Based on our conversation, we estimate that “venture zombies” sometimes sell for as low as 1x yearly revenue.
By implementing cost-cutting and price increases, Curious can push these businesses to achieve 20% to 30% profit margins almost immediately. “If you have a million-dollar business, you’re kicking off $300,000 in earnings,” he offered as an example.
They achieve the turnarounds because, unlike the stand-alone companies, they can centralize functions like sales, marketing, finance, and other admin roles, across all of their portfolio companies. “We’re not trying to sell the businesses we acquire and don’t need VC-scale exits, so we can balance growth and profitability more sustainably,” Dumont said.
When asked why VCs don’t urge their startups to be profitable like Curious does, Dumont responded by saying: “Investors don’t care about earnings; they only care about growth. Without it, there’s no VC-scale exit, so there’s no incentive to operate with that level of profitability.”
The cash generated from Curious’ companies is then used to buy other startups, Dumont said.
The firm plans to buy 50 to 75 startups like UserVoice over the next five years, and Dumont is certain he won’t have a shortage of targets to choose from. Curious is focused on acquiring startups that generate $1 million to $5 million in recurring revenue annually, a segment of the software market that, according to Dumont, private equity shops and secondary investors have historically ignored.
“We’ve been doing this for a little under two years now, and we’ve probably looked at at least 500 companies, and we bought five,” Dumont said.
While Bending Spoons’ big valuation hike may validate the “venture zombie” acquisition model, Dumont doesn’t expect a lot of new competition. Turning profits out of stagnation isn’t easy. “It’s a ton of work,” he said.
Source link
#hold #investors #snapping #venture #capital #zombies #TechCrunch
![Anthropic’s Mythos AI Reportedly Hacked the NSA’s Most Sensitive Systems ‘in Hours’
When Anthropic first disclosed Mythos in April, it sent an anxious shockwave through much of the cybersecurity sector. The new AI model was allegedly so ruthlessly effective at finding and exploiting security vulnerabilities in existing software that the company said it was holding off on a public release and would only grant access to a small group of early testers, including the U.S. National Security Agency (NSA). Another wave of fear reverberated this week after the NSA reportedly discovered multiple vulnerabilities within its own cybersecurity systems during its tests with Mythos. If that agency—which supposedly boasts the most impenetrable cyberdefenses in the world—can be hacked by Mythos, what hope does the rest of the world’s cybersecurity infrastructure have? This latest round of panic began with what seems to have been something of a game of telephone: Someone says one thing, which gets repeated by another, and another after that, and along that chain of communication, the original statement is distorted. Last week, The Economist reported that during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs, Democratic Senator Mark Warner of Virginia said that Mythos had broken into “almost all of [the NSA’s] classified systems, not in weeks, but in hours.” Warner said he’d received that information from the head of the NSA himself, General Joshua Rudd, who also leads the Pentagon’s Cyber Command division. On Monday, a coalition of intelligence agencies—including the NSA and its counterparts in Canada, the U.K., Australia, and New Zealand— issued an unusually public warning that the risk that AI now poses for cybersecurity warrants a “whole-of-society response.”
The Economist’s report was seen by some as evidence that the worst fears about Mythos were true, a reaction that was undoubtedly fueled also by the aura of power and mystery that has coalesced around the model in recent months. That aura has arguably been a boon for Anthropic, which recently usurped OpenAI as the most valuable startup in the world and is preparing for what’s expected to be a historic IPO.
But it’s also been a contributing factor in its latest skirmish with the Trump administration, which ordered the company earlier this month to restrict access for all foreign nationals to Fable 5, a “Mythos-class” model that had recently been made publicly available and which was built with safeguards that to some users were annoyingly stringent. Citing national security concerns, the administration invoked an obscure piece of export control legislation, a move that, according to some legal experts, is spurious. Many cybersecurity experts, meanwhile, argued that the ban would hamstring U.S. cybersecurity defenses and give adversaries like China the upper hand. That argument was seemingly vindicated by a Tuesday report from the New York Times which said that Trump’s ban—which also targeted another model called Mythos 5, which had only been made available to a small group of organizations—had put the kibosh on the NSA’s internal tests with Mythos, and that the administration was now working with Anthropic to reinstate the agency’s access for limited purposes related to national security. The NSA did not immediately respond to Gizmodo’s request for comment.
That same report from the Times also clarified that the NSA’s internal tests with Mythos were less apocalyptic than online rumors might suggest. According to federal officials cited in the report, the tests were carried out in a digital environment so robustly controlled that it’s very unlikely any hacker or foreign intelligence agency could replicate them. The officials also told the Times that even though Mythos was able to identify cybersecurity vulnerabilities, it didn’t actually exploit them. The author of the report in The Economist—the one that had been the initial cause of all the worry—has also admitted that his portrayal of the NSA’s tests with Mythos had been misleading. The tests “surely [involved] using Mythos alongside other tools under very particular conditions,” he wrote in a X post on Sunday. “I quoted [Senator Warner] to give a sense of Mythos’ potency. But it was a mistake not to have added caveats.” #Anthropics #Mythos #Reportedly #Hacked #NSAs #Sensitive #Systems #HoursAI,Anthropic,Mythos,NSA,Trump,White House](https://i1.wp.com/gizmodo.com/app/uploads/2026/06/GeneralJoshuaRudd-1280x853.jpg?ssl=1 "Anthropic’s Mythos AI Reportedly Hacked the NSA’s Most Sensitive Systems ‘in Hours’
When Anthropic first disclosed Mythos in April, it sent an anxious shockwave through much of the cybersecurity sector. The new AI model was allegedly so ruthlessly effective at finding and exploiting security vulnerabilities in existing software that the company said it was holding off on a public release and would only grant access to a small group of early testers, including the U.S. National Security Agency (NSA). Another wave of fear reverberated this week after the NSA reportedly discovered multiple vulnerabilities within its own cybersecurity systems during its tests with Mythos. If that agency—which supposedly boasts the most impenetrable cyberdefenses in the world—can be hacked by Mythos, what hope does the rest of the world’s cybersecurity infrastructure have? This latest round of panic began with what seems to have been something of a game of telephone: Someone says one thing, which gets repeated by another, and another after that, and along that chain of communication, the original statement is distorted. Last week, The Economist reported that during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs, Democratic Senator Mark Warner of Virginia said that Mythos had broken into “almost all of [the NSA’s] classified systems, not in weeks, but in hours.” Warner said he’d received that information from the head of the NSA himself, General Joshua Rudd, who also leads the Pentagon’s Cyber Command division. On Monday, a coalition of intelligence agencies—including the NSA and its counterparts in Canada, the U.K., Australia, and New Zealand— issued an unusually public warning that the risk that AI now poses for cybersecurity warrants a “whole-of-society response.”
The Economist’s report was seen by some as evidence that the worst fears about Mythos were true, a reaction that was undoubtedly fueled also by the aura of power and mystery that has coalesced around the model in recent months. That aura has arguably been a boon for Anthropic, which recently usurped OpenAI as the most valuable startup in the world and is preparing for what’s expected to be a historic IPO.
But it’s also been a contributing factor in its latest skirmish with the Trump administration, which ordered the company earlier this month to restrict access for all foreign nationals to Fable 5, a “Mythos-class” model that had recently been made publicly available and which was built with safeguards that to some users were annoyingly stringent. Citing national security concerns, the administration invoked an obscure piece of export control legislation, a move that, according to some legal experts, is spurious. Many cybersecurity experts, meanwhile, argued that the ban would hamstring U.S. cybersecurity defenses and give adversaries like China the upper hand. That argument was seemingly vindicated by a Tuesday report from the New York Times which said that Trump’s ban—which also targeted another model called Mythos 5, which had only been made available to a small group of organizations—had put the kibosh on the NSA’s internal tests with Mythos, and that the administration was now working with Anthropic to reinstate the agency’s access for limited purposes related to national security. The NSA did not immediately respond to Gizmodo’s request for comment.
That same report from the Times also clarified that the NSA’s internal tests with Mythos were less apocalyptic than online rumors might suggest. According to federal officials cited in the report, the tests were carried out in a digital environment so robustly controlled that it’s very unlikely any hacker or foreign intelligence agency could replicate them. The officials also told the Times that even though Mythos was able to identify cybersecurity vulnerabilities, it didn’t actually exploit them. The author of the report in The Economist—the one that had been the initial cause of all the worry—has also admitted that his portrayal of the NSA’s tests with Mythos had been misleading. The tests “surely [involved] using Mythos alongside other tools under very particular conditions,” he wrote in a X post on Sunday. “I quoted [Senator Warner] to give a sense of Mythos’ potency. But it was a mistake not to have added caveats.” #Anthropics #Mythos #Reportedly #Hacked #NSAs #Sensitive #Systems #HoursAI,Anthropic,Mythos,NSA,Trump,White House")
![Anthropic’s Mythos AI Reportedly Hacked the NSA’s Most Sensitive Systems ‘in Hours’
When Anthropic first disclosed Mythos in April, it sent an anxious shockwave through much of the cybersecurity sector. The new AI model was allegedly so ruthlessly effective at finding and exploiting security vulnerabilities in existing software that the company said it was holding off on a public release and would only grant access to a small group of early testers, including the U.S. National Security Agency (NSA). Another wave of fear reverberated this week after the NSA reportedly discovered multiple vulnerabilities within its own cybersecurity systems during its tests with Mythos. If that agency—which supposedly boasts the most impenetrable cyberdefenses in the world—can be hacked by Mythos, what hope does the rest of the world’s cybersecurity infrastructure have? This latest round of panic began with what seems to have been something of a game of telephone: Someone says one thing, which gets repeated by another, and another after that, and along that chain of communication, the original statement is distorted. Last week, The Economist reported that during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs, Democratic Senator Mark Warner of Virginia said that Mythos had broken into “almost all of [the NSA’s] classified systems, not in weeks, but in hours.” Warner said he’d received that information from the head of the NSA himself, General Joshua Rudd, who also leads the Pentagon’s Cyber Command division. On Monday, a coalition of intelligence agencies—including the NSA and its counterparts in Canada, the U.K., Australia, and New Zealand— issued an unusually public warning that the risk that AI now poses for cybersecurity warrants a “whole-of-society response.”
The Economist’s report was seen by some as evidence that the worst fears about Mythos were true, a reaction that was undoubtedly fueled also by the aura of power and mystery that has coalesced around the model in recent months. That aura has arguably been a boon for Anthropic, which recently usurped OpenAI as the most valuable startup in the world and is preparing for what’s expected to be a historic IPO.
But it’s also been a contributing factor in its latest skirmish with the Trump administration, which ordered the company earlier this month to restrict access for all foreign nationals to Fable 5, a “Mythos-class” model that had recently been made publicly available and which was built with safeguards that to some users were annoyingly stringent. Citing national security concerns, the administration invoked an obscure piece of export control legislation, a move that, according to some legal experts, is spurious. Many cybersecurity experts, meanwhile, argued that the ban would hamstring U.S. cybersecurity defenses and give adversaries like China the upper hand. That argument was seemingly vindicated by a Tuesday report from the New York Times which said that Trump’s ban—which also targeted another model called Mythos 5, which had only been made available to a small group of organizations—had put the kibosh on the NSA’s internal tests with Mythos, and that the administration was now working with Anthropic to reinstate the agency’s access for limited purposes related to national security. The NSA did not immediately respond to Gizmodo’s request for comment.
That same report from the Times also clarified that the NSA’s internal tests with Mythos were less apocalyptic than online rumors might suggest. According to federal officials cited in the report, the tests were carried out in a digital environment so robustly controlled that it’s very unlikely any hacker or foreign intelligence agency could replicate them. The officials also told the Times that even though Mythos was able to identify cybersecurity vulnerabilities, it didn’t actually exploit them. The author of the report in The Economist—the one that had been the initial cause of all the worry—has also admitted that his portrayal of the NSA’s tests with Mythos had been misleading. The tests “surely [involved] using Mythos alongside other tools under very particular conditions,” he wrote in a X post on Sunday. “I quoted [Senator Warner] to give a sense of Mythos’ potency. But it was a mistake not to have added caveats.” #Anthropics #Mythos #Reportedly #Hacked #NSAs #Sensitive #Systems #HoursAI,Anthropic,Mythos,NSA,Trump,White House](https://gizmodo.com/app/uploads/2026/06/GeneralJoshuaRudd-1280x853.jpg "Anthropic’s Mythos AI Reportedly Hacked the NSA’s Most Sensitive Systems ‘in Hours’
When Anthropic first disclosed Mythos in April, it sent an anxious shockwave through much of the cybersecurity sector. The new AI model was allegedly so ruthlessly effective at finding and exploiting security vulnerabilities in existing software that the company said it was holding off on a public release and would only grant access to a small group of early testers, including the U.S. National Security Agency (NSA). Another wave of fear reverberated this week after the NSA reportedly discovered multiple vulnerabilities within its own cybersecurity systems during its tests with Mythos. If that agency—which supposedly boasts the most impenetrable cyberdefenses in the world—can be hacked by Mythos, what hope does the rest of the world’s cybersecurity infrastructure have? This latest round of panic began with what seems to have been something of a game of telephone: Someone says one thing, which gets repeated by another, and another after that, and along that chain of communication, the original statement is distorted. Last week, The Economist reported that during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs, Democratic Senator Mark Warner of Virginia said that Mythos had broken into “almost all of [the NSA’s] classified systems, not in weeks, but in hours.” Warner said he’d received that information from the head of the NSA himself, General Joshua Rudd, who also leads the Pentagon’s Cyber Command division. On Monday, a coalition of intelligence agencies—including the NSA and its counterparts in Canada, the U.K., Australia, and New Zealand— issued an unusually public warning that the risk that AI now poses for cybersecurity warrants a “whole-of-society response.”
The Economist’s report was seen by some as evidence that the worst fears about Mythos were true, a reaction that was undoubtedly fueled also by the aura of power and mystery that has coalesced around the model in recent months. That aura has arguably been a boon for Anthropic, which recently usurped OpenAI as the most valuable startup in the world and is preparing for what’s expected to be a historic IPO.
But it’s also been a contributing factor in its latest skirmish with the Trump administration, which ordered the company earlier this month to restrict access for all foreign nationals to Fable 5, a “Mythos-class” model that had recently been made publicly available and which was built with safeguards that to some users were annoyingly stringent. Citing national security concerns, the administration invoked an obscure piece of export control legislation, a move that, according to some legal experts, is spurious. Many cybersecurity experts, meanwhile, argued that the ban would hamstring U.S. cybersecurity defenses and give adversaries like China the upper hand. That argument was seemingly vindicated by a Tuesday report from the New York Times which said that Trump’s ban—which also targeted another model called Mythos 5, which had only been made available to a small group of organizations—had put the kibosh on the NSA’s internal tests with Mythos, and that the administration was now working with Anthropic to reinstate the agency’s access for limited purposes related to national security. The NSA did not immediately respond to Gizmodo’s request for comment.
That same report from the Times also clarified that the NSA’s internal tests with Mythos were less apocalyptic than online rumors might suggest. According to federal officials cited in the report, the tests were carried out in a digital environment so robustly controlled that it’s very unlikely any hacker or foreign intelligence agency could replicate them. The officials also told the Times that even though Mythos was able to identify cybersecurity vulnerabilities, it didn’t actually exploit them. The author of the report in The Economist—the one that had been the initial cause of all the worry—has also admitted that his portrayal of the NSA’s tests with Mythos had been misleading. The tests “surely [involved] using Mythos alongside other tools under very particular conditions,” he wrote in a X post on Sunday. “I quoted [Senator Warner] to give a sense of Mythos’ potency. But it was a mistake not to have added caveats.” #Anthropics #Mythos #Reportedly #Hacked #NSAs #Sensitive #Systems #HoursAI,Anthropic,Mythos,NSA,Trump,White House")
Post Comment