Trenchant, Peter Williams, and the proliferation of a Shadow Brokers-level iOS exploit framework

(Presented by Thinkst Canary: Most Companies find out way too late that they’ve been breached. Thinkst Canary changes this. Deploy Canaries and Canarytokens in minutes and then forget about them. Attackers tip their hand by touching ’em giving you the one alert, when it matters. With zero admin overhead and almost no false-positives, Canaries are deployed (and loved) on all 7 continents.)

Three Buddy Problem - Episode 88: We unpack the fallout from public documentation of the Coruna iOS exploit kit, the likely connection to the Peter Williams/Trenchant exploit sale to Russians, how it slipped from government hands into criminal use, and the widening use of zero-days by surveillance vendors and cybercriminals.

Plus, fresh signs of cyber-warfare activity tied to Iran and Israel, the FBI’s disclosure of a breach affecting internal surveillance systems, and the latest debate over AI, security tooling, and Anthropic’s public stumbles.

Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.

Links:

• Transcript (raw, AI-generated)
• Thinkst Canary (how it works)
• Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit
• iVerify Details First Known Mass iOS Attack
• Matthias Frielingsdorf on the mysterious Coruna iOS exploit kit discovery
• Matthias Frielingsdorf on Coruna (raw transcript)
• Coruna-related hashes on VirusTotal
• Kaspersky: No signs Coruna iPhone exploit kit made by US
• Azimuth unlocked the San Bernardino shooter’s iPhone for the FBI
• 2025 Zero-Days in Review (Google)
• FBI investigating ‘suspicious’ cyber activities on critical surveillance network
• Iranian Hacking Groups Go Dark Amid US, Israeli Military Strikes
• Interplay between Iranian Targeting of IP Cameras and Physical Warfare
• Israel says it knocked out Iran’s cyber warfare headquarters
• Amazon Bahrain facility targeted for U.S. military support
• Full transcript of Anthropic CEO Dario Amodei interview
• Codex Security (formerly Aardvark) now in research preview
• NEBULA:FOG 2026 | AI x Security Hackathon