An explosive infosec scandal has rocked the industry, with a former defense contractor executive accused of selling powerful cyber tools to Russia. This is a betrayal of trust on an unprecedented scale, and the potential consequences are dire.
The former General Manager of L3Harris' cyber subsidiary, Trenchant, allegedly sold eight zero-day exploit kits to Russian brokers, according to a recent court filing. We first reported on this case back in October 2025, but new details have emerged, painting a picture of significant harm to US national security and a massive financial loss for the company.
The US Department of Justice (DoJ) has labeled this as a betrayal of the highest order, stating that the accused, Peter Williams, enabled Russian clients to access powerful cyber weapons. The DoJ further alleges that the broker Williams worked with regularly supplied exploits to the Russian government.
Williams' actions have not only compromised national security but also resulted in a staggering $35 million loss for L3Harris and Trenchant. The DoJ is seeking the maximum sentence under federal guidelines, which could see Williams incarcerated for up to 9 years, followed by supervised release.
Williams, an Australian citizen, has agreed to be deported to his home country after serving his prison term. The DoJ is also seeking financial restitution and additional forfeitures, aiming to recover the lost funds.
In other infosec news, a so-called ransomware gang, 0APT, has been exposed as a bunch of liars. Cybersecurity researchers have determined that their claims of attacking over 200 entities were fabricated, with victim names like "Metropolis City Municipal" raising red flags. GuidePoint Security suggests this could be a scam to trick organizations into paying ransoms out of fear or to dupe other cybercriminals.
Meanwhile, a real ransomware attack has hit BridgePay, a payment service provider for local governments and utilities. The attack has disrupted services for over a week, causing payment deadlines to be extended across the United States. Some cities, like Frisco, Texas, have suspended late fees and shutoffs, but others, like Palm Bay, Florida, are advising residents to pay in person.
In a separate incident, Polish police have arrested a suspect believed to have attacked a critical water and sewage infrastructure operator. The suspect gained unauthorized access, stole data, and attempted to sell it on the dark web. Polish authorities were able to locate and delete the data, preventing further damage.
On a global scale, the EU has cleared Google's acquisition of cloud security firm Wiz, stating that it won't raise competition concerns in Europe. The deal, valued at $32 billion, is Google's most expensive acquisition to date and was previously rejected by Wiz in 2024.
These infosec stories highlight the ever-evolving landscape of cyber threats and the ongoing battle to protect critical infrastructure and sensitive data. As we navigate these complex issues, one question remains: How can we better secure our digital world and prevent such breaches from occurring?