INSPECTING ARCHIVED INTELLIGENCE (OUTDATED VERSION).
Zero-Day Exploit by Former Defense Contractor
2026-02-25 10:30 | CRITICAL LOW
Executive Summary AI-generated
A former senior executive at a US defense contractor has been handed an 87-month jail term for selling zero-day exploits to a Russian broker, marking one of the most significant national security breaches in recent history. The individual's actions had far-reaching consequences, including millions of digital devices being compromised and potentially held hostage by Russia. A joint agreement dubbed the "Pall Mall Process" was signed with 25 countries led by the UK, US, and France to counter the trade, but it ultimately failed due to sanctions imposed on Russian entities involved in the deal. The State Department has since blocked all property and interests in property of those designated as sanctioned, citing risks for US persons engaging in certain transactions or activities with these individuals.
Technical Mitigations AI-generated
* Encryption and secure communication: Implement end-to-end encryption for all communications involving the defense contractor's employees, including email, messaging apps, and video conferencing. This would ensure that sensitive information is protected from unauthorized access.
* Secure data storage and transfer: Use encrypted cloud storage services to store and transmit sensitive data, such as trade secrets and zero-day exploits. Ensure that any external connections or transfers are secure and monitored for potential breaches.
* Access controls and authentication: Implement robust access control measures, including multi-factor authentication (MFA), to ensure that only authorized personnel can access sensitive areas or systems.
* Monitoring and incident response: Establish a comprehensive monitoring system to detect and respond to potential security incidents. This should include automated alerts, human operators, and regular drills for emergency preparedness.
* Regular software updates and patching: Regularly update and patch all software applications and systems to ensure that any known vulnerabilities are addressed before they can be exploited by attackers.
These technical mitigations would help protect the defense contractor's employees, customers, and intellectual property from potential security breaches.
Intelligence Metadata
Actors / Malware / CVEs / Campaigns
Operation Zero
TrickBot
Target & Sectors
MIDDLE_EAST
NORTH_AMERICA
FIVE_EYES
media
technology
defense
government
Incident Timeline
2025-02-25
The former Defense Contractor boss was convicted of selling zero-day exploits to a foreign entity.
campaign
Operation Zero
The case's connection to Operation Zero was disclosed by cybersecurity journalist Kim Zetter late last year.
October 2025
Peter Williams pleaded guilty to two counts of theft of trade secrets in October 2025.
February 24
The State Department imposed sanctions on Williams for selling zero-day exploits to a broker under the Protecting American Intellectual Property Act.
organisation
the State Department, the Protecting American Intellectual Property Act
The State Department announced on February 24 that it was issuing sanctions on the broker Williams sold his zero-days to under the Protecting American Intellectual Property Act (PAIPA).
Feb 25, 2026
Threat actors used a zero-day exploit to gain unauthorized access to sensitive information of a former defense contractor.
2026-02-25
Peter Williams stole a US defense contractor's trade secrets about highly sensitive cyber capabilities and sold them to a broker whose clients include the Russian government.
organisation
Trenchant/L3Harris
financial
$35 million (L3Harris)
He also admitted that his actions cost Trenchant/L3Harris $35m and had a “significant impact” on customers including the US and allied governments.
The actions are estimated to have incurred L3Harris $35 million in financial losses.
organisation
Google, Microsoft, Apple, Meta
To tackle the trade, a joint agreement, dubbed the “Pall Mall Process,” was signed in 2024 by 25 countries led by the UK, US and France, as well as tech giants including Google, Microsoft, Apple, Meta and others.
organisation
the State Department
“All property and interests in property of those designated that are in the United States or that are in possession or control of a US person are blocked,” the State Department said.
organisation
Zelenyuk, Special Technology Services
Zelenyuk has apparently founded a new UAE-based company under the name Special Technology Services with the intention of evading US sanctions.
Zelenyuk is a Russian national and the director and owner of Operation Zero.
organisation
Operation Zero
Ravie Lakshmanan
Feb 25, 2026
Zero Day / National Security
A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars.
organisation
Nation
"The tools he compromised were intended to protect this Nation; instead, he auctioned them off to a Russian bidder.
organisation
The U.S. State Department, STS, the Protecting American Intellectual Property Act
The U.S. State Department, in tandem, announced the designations of Operation Zero (aka Matrix LLC), along with Sergey Sergeyevich Zelenyuk and Special Technology Services LLC FZ (STS), under the Protecting American Intellectual Property Act (PAIPA) in connection with the trade secret theft.
They apply to Matrix LLC (aka Operation Zero), its sole owner, Sergey Sergeyevich Zelenyuk, and four “associated individuals and entities.”
organisation
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC)
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) also sanctioned Zelenyuk, Operation Zero, STS, and four other associated individuals and entities for acquiring and distributing cyber tools harmful to U.S. national security.
financial
$4 million (Stolen / Extorted Funds)
financial
$20 million (Telegram exploits)
infrastructure
Android
organisation
Telegram
Operation Zero has offered up to $4 million in bounties for Telegram exploits and $20 million for tools that could be used to break into Android and iPhone devices.
“Williams took trade secrets comprised of national security software and sold them for up to $4m in cryptocurrency.
organisation
non-NATO
"Zelenyuk and Operation Zero have stated that they will only sell the exploits they acquire to customers from non-NATO countries.
organisation
the Justice Department (DoJ)
Williams not only sold the exploits but agreed to provide “follow-on support” for which he was also paid, according to the Justice Department (DoJ).
Tactical Metrics
* financial: 35,000,000 (L3Harris)
* financial: 4,000,000 (Stolen / Extorted Funds)
* infrastructure: Android (Affected Product)
* financial: 20,000,000 (Telegram Exploits)
Intelligence Sources
The Hacker News
2026-02-25
Infosecurity-Magazine
2026-02-25
Former Defense Contractor Boss Gets 7+ Years for Selling Zero Days
Infosecurity-Magazine
Incident Version History
CURRENT VERSION
Last Updated: 2026-04-27T07:18
Comprehensive Tactical Telemetry
Highly Correlated Entities

| Count | Category | Role | Value | Type |
|---|---|---|---|---|
| 21x | organisation | Identified Entity | Trenchant/L3Harris | entity |
| 10x | timeline | Temporal Reference | 87-month | date |
| 5x | attribution | Attributing Entity | Marina Evgenyevna Vasanovich | authority |
| 4x | source region | Origin Country | United States | country |
| 4x | target region | Target Country | Russian Federation | country |
| 4x | industry | Targeted Sector | Defense | sector |
| 2x | target region | Target Region | FIVE_EYES | region |
| 2x | tactic | Cyber Operation Type | Espionage | tactic |
Contextual Telemetry
Context Block: 8 METRICS

| Category | Metric | Value | Unit |
|---|---|---|---|
| financial | L3Harris | 35,000,000 | l3harris |
| general metric | Countries | 25 | countries |
| campaign | Campaign | Operation Zero | operation |
| financial | Stolen / Extorted Funds | 4,000,000 | $ |
| general metric | Zero Days | 8 | zero days |
| malware | Malware Payload | TrickBot | tool |
| infrastructure | Affected Product | Android | software |
| financial | Telegram Exploits | 20,000,000 | telegram exploits |