Security News

Cybersecurity news aggregator

HIGH Attacks 404 Media

Government Hacking Tools Are Now in Criminals' Hands (with Lorenzo Franceschi-Bicchierai)

This article details a supply chain threat where an employee of government malware vendor Trenchant illicitly sold powerful hacking tools to a Russian company, leading to their proliferation to Russian state actors and potentially Chinese criminals. The primary attack vector is the unauthorized acquisition and deployment of these advanced, government-grade exploits against targets. This incident highlights a critical failure in the controls surrounding offensive cyber tools and underscores the significant risk when such capabilities are diverted from their intended, authorized users.

This week Joseph talks to Lorenzo Franceschi-Bicchierai, a journalist at TechCrunch. Lorenzo has possibly the deepest understanding of one of the wildest cybersecurity stories in years: how an employee of Trenchant, a government malware vendor that is supposed to only sell to the ‘good’ guys, secretly sold a bunch of hacking tools to a Russian company. Those tools, it looks like, then ended up with the Russian government and possibly Chinese criminals too. It’s a really insane story about how powerful hacking tech can fall into the wrong hands.

Listen to the weekly podcast on Apple Podcasts, Spotify, or YouTube. Become a paid subscriber for access to this episode's bonus content and to power our journalism. If you become a paid subscriber, check your inbox for an email from our podcast host Transistor for a link to the subscribers-only version! You can also add that subscribers feed to your podcast app of choice and never miss an episode that way. The email should also contain the subscribers-only unlisted YouTube link for the extended video version too. It will also be in the show notes in your podcast player.

0:00 - Guest Introduction: Lorenzo Franceschi-Bicchierai
02:52 – What Is Trenchant?
03:52 – Secrecy & Evolution of Exploit Industry
05:05 – Modern Spyware Industry Landscape
08:34 – Discovery of Peter Williams
10:31 – Apple Spyware Notifications Context
13:03 – Early Reporting Strategy
14:13 – Indictment & Confirmation
15:34 – What Peter Williams Did
18:17 – Economics of Zero-Day Market
24:53 – Google Discovers “Corona” Exploit Kit
28:11 – Shift to Mass Exploitation in China
31:03 – How Did It Spread? (Speculation)
34:36 – Link Back to Trenchant Leak
36:27 – Security Failure & Industry Implications
41:04 – Ethical Stakes & Real-World Harm
43:15 – Motive & Final Reflections

Inside the story of the US defense contractor who leaked hacking tools to Russia
US military contractor likely built iPhone hacking tools used by Russian spies in Ukraine
