As AI-driven search innovations revolutionize the way businesses are found online, the startup Gushwork, established in India, is assisting firms in attracting clients through platforms like ChatGPT, Gemini, and Perplexity — gaining initial traction which is starting to attract investor interest.

The two-year-old startup announced on Thursday that it has secured $9 million in a seed funding round led by Susquehanna International Group (SIG) and Lightspeed, with involvement from B Capital, Seaborne Capital, Beenext, Sparrow Capital, and 2.2 Capital. This funding round values Gushwork at $33 million post-money, a significant increase from about $7.5 million following its Lightspeed-led pre-seed of $2.1 million in July 2023, according to a source familiar with the situation who spoke to TechCrunch. This latest funding raises Gushwork’s total funding to $11 million, as stated by the startup.

The investment comes as AI companies, including OpenAI and Perplexity, start to disrupt traditional web search, prompting established players like Google to introduce AI-generated summaries and other conversational elements in their search offerings. Gushwork is banking on this transition to unveil new opportunities for businesses to emerge in AI-driven discovery channels through its automated marketing solutions.

Founded in 2023 by Nayrhit Bhattacharya (shown above, right) and Adithya Venkatesh (shown above, left), Gushwork initially aimed to assist small and medium enterprises in outsourcing workflows by combining AI and human skills. The startup started to refine its focus toward search-driven marketing due to significant customer demand for enhancing online visibility.

“At the beginning, our goal was to help businesses outsource more efficiently and effectively,” Bhattacharya shared with TechCrunch in an interview, noting that the increasing demand for search assistance from clients became harder to overlook.

Gushwork’s platform leverages a network of AI agents to autonomously create and refresh search-optimized content; generate backlinks — usually 10 to 20 per client — through a pool of approximately 200 to 300 partner sites; and monitor incoming leads via an integrated content management system. The aim, according to Bhattacharya, is to enable businesses to appear in both standard search outcomes and AI-generated solutions without depending on extensive in-house marketing teams.

The startup claims to have acquired over 300 paying customers — nearly 95% of them based in the U.S. — with subscriptions commencing at $800 per month. Gushwork reports an annualized recurring revenue of about $1.5 million after launching its AI search-centric product around three months ago and is aiming for an ARR of $3 million to $3.5 million in the following three months, Bhattacharya added, noting that the startup is experiencing a month-over-month growth of 50% to 80%.

Among Gushwork’s clientele, roughly 20% of web traffic is currently derived from AI-driven search and chat platforms, which, according to Bhattacharya, represent around 40% of incoming leads, based on the startup’s internal statistics.

The higher-intent leads, Bhattacharya stated, are already resulting in business success for some clients. For instance, a professional services client has secured contracts valued between $200,000 and $350,000 after utilizing the platform, he noted, choosing not to disclose the client’s identity. He mentioned that numerous users are experiencing substantial pipeline expansion as AI-driven discovery continues to gain momentum.

Today, Gushwork’s customer base is mainly made up of high-ticket B2B service providers, industrial distributors, and contract manufacturers, primarily within the U.S., according to Bhattacharya. The startup’s average subscription is approximately $800 to $900 per month, equating to around $9,000 to $10,000 in annual contract value, he cited.

The move towards AI-driven discovery is still in its infancy but is rapidly progressing. Tools like generative AI chatbots and AI web browsers are increasingly utilized by buyers for researching vendors and products. In July 2025, OpenAI reported that ChatGPT received about 2.5 billion requests daily worldwide, including around 330 million from users in the U.S. Bhattacharya remarked that this trend is starting to redefine how some businesses pursue online visibility.

Gushwork intends to utilize the new funding to bolster its engineering workforce, enhance model accuracy, and scale its marketing initiatives, Bhattacharya noted. He added that the startup has over 800 businesses on its waitlist, which it plans to begin onboarding.

Headquartered in Delaware with an office in Bengaluru, the startup employs around 70 staff members in India, in addition to several contractors.

On Wednesday, Anthropic revealed its acquisition of Vercept, an AI startup with significant ties to some prominent figures in Seattle’s tech industry. This acquisition follows Anthropic’s purchase of the coding agent engine Bun in December, aimed at enhancing Claude Code.

Vercept developed tools for more sophisticated agentic functions, notably its product Vy, a cloud-based computer-use agent capable of operating a remote Apple MacBook. Vercept is among several startups focused on re-envisioning the personal computer for the AI agent era. As part of the agreement, Anthropic plans to discontinue Vercept’s product on March 25.

The startup emerged from Seattle’s A12 AI-centric incubator, which has connections to the established Allen Institute for AI. Vercept’s co-founders also have ties to the Allen Institute and were prior researchers there. One co-founder, Matt Deitke, gained attention last year as an AI researcher who secured a substantial $250 million salary from Meta to join its Superintelligence Lab. On Wednesday, Deitke publicly congratulated his former colleagues via a post on X.

Vercept was a relatively prominent AI startup within the region. In a LinkedIn announcement about Anthropic’s acquisition, Vercept CEO Kiana Ehsani mentioned that the startup had secured a total of $50 million in funding, highlighting A12’s Seth Bannon as the lead investor. Vercept had previously disclosed raising a $16 million seed round the previous January.

The list of angel investors was notably impressive, featuring former Google CEO Eric Schmidt, Google DeepMind chief scientist Jeff Dean, Cruise founder Kyle Vogt, and Dropbox co-founder Arash Ferdowsi, as reported by GeekWire.

In Anthropic’s announcement regarding the acquisition, the company recognized co-founders Ehsani, Luca Weihs, and Ross Girshick as part of the team transitioning to Anthropic. However, not all Vercept co-founders are joining the Claude creator.

Oren Etzioni, who has been identified as a co-founder of Vercept and an investor in the company, is a well-known figure in Seattle, recognized as the founding leader of the Allen Institute for AI. Alongside Deitke, he will not be joining Anthropic and expressed dissatisfaction regarding the acqui-hire. He shared on LinkedIn: “After just over a year, Vercept is conceding and giving their customers 30 days to exit the platform. It’s disappointing. A fantastic team is joining Anthropic. I wish them all the best!”

Etzioni also serves as a professor at the University of Washington and is noted for other startups he has either founded or supported as a venture capitalist. He did not reply to a request for comment.

In a LinkedIn post by Etzioni, he accused Bannon, the lead investor at Vercept, of being “partly responsible” for the company’s failure to recruit the right business personnel. A back and forth developed between the investors, with Bannon criticizing Etzioni’s comments: “… you undermined the heroic efforts of the founders for accomplishing an outcome that most could only dream of,” Bannon retorted in the LinkedIn thread. They also exchanged accusations regarding other unpleasant matters such as dishonesty and legal threats.

While public disagreements among investors can be entertaining and fundamentally trivial, the underlying motivations are significant. The stakes are high in creating the next major AI success, and now a promising startup that accumulated a reasonably sized capital will be integrated into Anthropic.

Although the specifics of the deal remain undisclosed, Etzioni indicates he achieved a return on his investment. Anthropic evidently sought these researchers, particularly with one of them now at Meta.

Nonetheless, Etzioni expressed to GeekWire his disappointment. “I’m happy to have received a positive return but obviously saddened that after just over a year with so much momentum, and such a fantastic team, we are essentially folding,” he stated.

Conversely, the founders joining Anthropic seem pleased, based on CEO Ehsani’s LinkedIn statement. “The alternatives were clear: we could either develop independently and pursue the same vision as two separate entities, or unite with an incredible team to accelerate that vision into reality. Choosing to join Anthropic became an easy decision,” she commented.

Chip powerhouse and the most valuable firm globally, Nvidia, announced unprecedented profits in its latest quarterly report on Wednesday, driven by soaring demand for AI computing.

“The demand for tokens globally has surged to an entirely new level,” stated CEO Jensen Huang during a call with analysts discussing the results. “We’re all witness to this, to the extent that even our six-year-old GPUs in the cloud are fully utilized and prices are rising.”

The firm reported revenues of $68 billion in the latest quarter, reflecting a 73% increase from the previous year, with $62 billion of this income derived from its data center segment.

Notably, Nvidia separated its data center earnings into $51 billion from computing (primarily GPUs) and $11 billion from networking offerings such as NVLink. The total revenue for the year reached $215 billion.

Consistent with previous quarters, the company did not disclose any revenue from chip sales to China, even with the recent U.S. government lifting of export restrictions. “While minor shipments of H200 products for customers in China have been approved by the U.S. government, they have not generated any revenue yet, and we remain uncertain about the possibility of further imports into China,” stated Colette Kress, the firm’s chief financial officer.

“Our Chinese competitors, supported by recent IPOs, are advancing,” she added, seemingly referring to Moore Threads’ IPO last December, “and could potentially disrupt the global AI industry’s landscape in the long run.”

During the investors’ call, Huang also discussed the company’s anticipated investment in OpenAI, which is reported to be $30 billion.

“We are actively collaborating with OpenAI towards a partnership deal. We believe we are nearing an agreement,” Huang noted. He also pointed to collaborations with Anthropic, Meta, and Elon Musk’s xAI. However, statements Nvidia filed with the U.S. Securities and Exchange Commission on Wednesday highlighted that there was “no guarantee” an investment could occur.

Huang further addressed worries regarding the viability of tech firms’ capital expenditure commitments, expressing confidence that the computing investments would soon yield returns.

“In this new era of AI, compute is income. Without compute, creating tokens is impossible. Without tokens, revenue growth is unattainable,” Huang remarked. “We have arrived at the inflection point, producing profitable tokens that benefit customers and yield profits for cloud service providers.”

The expansion of AI data centers connecting to the national power grid has contributed to rising consumer electricity costs, pushing the average national electricity price up by over 6% in the past year.

This situation doesn’t bode well for the incumbents as the fall elections approach, and President Donald Trump highlighted the issue in his State of the Union address last night.

“We are informing major tech corporations of their duty to meet their own power requirements,” Trump stated. “They have the option to construct their own power facilities as part of their operations, ensuring that no one’s prices will escalate.”

The significant tech players involved are already aware. In recent weeks, they have made public pledges to manage electricity expenses by establishing their own power generation, paying higher tariffs, or both, as part of a larger strategy to address public relations challenges related to data center growth and to gain the trust of hesitant communities.

On January 11, Microsoft revealed its initiative “to guarantee that the electricity costs associated with operating our datacenters won’t be passed onto residential consumers.” On January 26, OpenAI promised to “bear its own energy costs, ensuring that our activities won’t raise your energy bills.” On February 11, Anthropic echoed this commitment to “offset the increased electricity costs that consumers incur due to our data centers.” Yesterday, Google unveiled the world’s largest battery project to support a data center in Minnesota.

What these pledges will mean in terms of implementation, and who will decide which data centers are accountable for which price hikes, is still unclear. The White House has not disclosed the proposed pledge’s text.

“An informal agreement with Big Tech on data center expenses falls short,” Arizona Democratic Senator Mark Kelly remarked on social media. “Americans deserve assurance that energy costs won’t escalate and that local communities will have input.”

White House representative Taylor Rodgers stated that next week, companies will send delegates to officially sign the pledge at the White House. Amazon, Google, Meta, Microsoft, xAI, Oracle, and OpenAI are reportedly included among those expected to show up. Nevertheless, none of the companies have verified their participation.

Even if tech firms choose to absorb electricity costs, on-site power generation might not solve all issues — these facilities can still negatively impact the surrounding ecosystem and may strain supply chains for natural gas, turbines, solar panels, and batteries, depending on the methods companies select to fuel their computing needs.

The U.S. cybersecurity agency CISA is reportedly facing significant challenges, based on insights from bipartisan lawmakers and industry leaders who are concerned that the agency’s capability to fulfill its primary mission has weakened, leaving it ill-equipped for a cybersecurity emergency.

Tim Starks from news site Cyberscoop engaged with various sources from Congress, the private cyber sector, and other areas, yielding a widespread agreement that CISA has been adversely affected by budget cuts and layoffs during the initial year of the Trump administration.

During this period, CISA has witnessed a reduction of approximately one-third of its workforce, resulting in the loss of programs, personnel, and expertise, which includes critical initiatives like the counter-ransomware strategy and efforts to advance secure software development. Some of these losses have involved several members of its election security team, as reported by TechCrunch last year. As the federal agency tasked with election security, CISA’s resources have been constrained, and some have cautioned that Trump’s continued fixation on promoting falsehoods about the 2020 election has led the administration to deprioritize CISA.

Additionally, CISA also reallocated hundreds of staff members to support other agencies within the Department of Homeland Security as part of the Trump administration’s extensive immigration enforcement efforts.

Numerous sources quoted by Cyberscoop attribute the agency’s troubles to either the Trump administration, Congress, or a combination thereof. Others have pointed to CISA’s acting director, Madhu Gottumukkala, as struggling to effectively lead the agency, reportedly resulting in security complications.

Since Trump took office in 2025, CISA has been without a permanent director.

The cybersecurity agency is currently said to be functioning at around 38% of its staffing capacity as the partial U.S. federal government shutdown, initiated on February 14, continues. Lawmakers have opted not to sustain funding for federal immigration authorities in light of widespread criticism following the deaths of two U.S. citizens at the hands of federal agents.

When contacted for a statement, CISA’s Gottumukkala informed TechCrunch that the agency “remains steadfast in its dedication to safeguard our federal networks against malicious cyber threat actors despite the ongoing multi-week government shutdown” of Homeland Security. 

The crypto discussion is gradually re-emerging among startups, but at ETHDenver last week, the chatter was as much focused on Washington as it was on tokens. Regulatory changes are sending waves through the market as Tether and stablecoins come under examination, while companies like Stripe re-enter the dialogue and startups either gain momentum or fail. The era of hype is coming to an end, or at the very least, hitting a pause. So what does the future hold?

In this episode of TechCrunch’s Equity podcast, Rebecca Bellan engages with Jacquelyn Melinek, CEO of Token Relations and the host of the Talking Tokens and Crypto in America podcasts, to explore how the market has evolved and what aspects of the crypto world are designed to endure.

Subscribe to Equity on YouTube, Apple Podcasts, Overcast, Spotify and any podcast platform. You can also find Equity on X and Threads, at @EquityPod.

Google is further advancing its foray into physical AI by integrating a well-known robotics software platform.

Intrinsic, a subsidiary of Alphabet that develops AI models and software aimed at enhancing the accessibility of industrial robots, is officially joining Google, as announced by both companies on Wednesday. Intrinsic will operate as a separate entity within Google, yet it will collaborate closely with Google DeepMind and utilize Google’s Gemini AI models and cloud services.

Alphabet opted not to disclose details about the financing or acquisition cost.

Intrinsic became an independent Alphabet subsidiary in 2021 after a five-year incubation within Alphabet’s X, the firm’s moonshot research division. Other entities that have emerged from X include robotaxi service Waymo and drone delivery firm Wing.

Wendy Tan White has been at the helm of Intrinsic since its spinout in 2021.

The company wasted no time. Just months after declaring its independence, Intrinsic acquired Vicarious, another robotics software firm, in April 2022. While the financial details weren’t revealed, Vicarious previously raised around $250 million from venture capitalists and industry giants like Jeff Bezos.

A few months afterward, Intrinsic purchased multiple revenue-generating divisions of Open Robotics, a nonprofit that develops hardware and software platforms for the robotics sector.

In spite of this swift growth, Intrinsic downsized its workforce by 20% in January 2023.

The organization revealed its inaugural product, Flowstate, just months later. Flowstate is a software platform crafted for developing robotics workflows tailored for developers lacking extensive robotics knowledge — which aligns with the company’s goal to enhance robotics accessibility.

Since that time, the company has refined its technology, enhanced its simulation features, and introduced the Intrinsic Vision AI model at the end of 2025.

Intrinsic announced a partnership with electronics maker Foxconn in October 2025, focusing on collaborating to create general-purpose intelligent robots to revolutionize electronics manufacturing, aiming for complete factory automation.

Currently, the company is striving to achieve these objectives with a deeper partnership utilizing Google’s AI capabilities.

“In conjunction with Google’s exceptional AI and infrastructure, we are set to unlock the potential of physical AI for a much wider range of manufacturing businesses and developers. This will fundamentally transform production, from its economics to logistics, and facilitate genuinely advanced manufacturing,” Tan White stated in the company’s blog announcement.

This development is a strategic move for Google, as prominent tech figures, including Nvidia’s Jensen Huang and Qualcomm’s Cristiano Amon, perceive physical AI as the next logical progression in the commercialization and evolution of AI models and technologies.

On Wednesday, Snapchat revealed it will hold its inaugural awards ceremony on March 21. Dubbed “The Snappys,” this event aims to honor “the creators shaping culture on Snapchat,” according to the social media powerhouse.

Awards will be presented to creators in categories such as “Spotlight MVP,” “Best Storyteller,” and “Breakout Creator of the Year,” in addition to recognitions spanning fashion, beauty, sports, music, food, and gaming. Other categories include collaboration, comedy, and cultural impact.

“These accolades collectively represent the diverse ways in which creators ignite discussions, foster community, and shape culture on Snapchat,” the company shared in a blog. “The Snappys reinforces Snapchat’s continued dedication to honoring creators not merely as users, but as artists, entertainers, and cultural influencers.”

Snapchat joins other social media platforms in awarding creators. Meta-owned Instagram initiated a new “Ring” award last October to acknowledge creators globally. Instagram went public with the 25 winners, each receiving a custom-designed physical ring by English fashion designer Grace Wales Bonner, in addition to a digital golden ring featured on their Instagram profile.

In November, TikTok introduced its first-ever TikTok Awards show in the U.S. Similar to Snapchat, Instagram distributed category-specific accolades, such as “Creator of the Year,” “Video of the Year,” “Muse of the Year,” “Breakthrough Artist of the Year,” and others. Notably, TikTok has previously conducted awards ceremonies in other nations, including Germany, Mexico, and Korea.

The awards from Snapchat align more closely with those of TikTok, as it will also host a conventional awards show where winners will be announced live. The company states that the event will gather “creators, industry leaders, and special guests.” Among the “special guests” is DJ Khaled, who will be honored with Snapchat’s “Lifetime Achievement Award.”

By launching these awards, Snapchat and its competitors are redefining their roles beyond simple social media applications, establishing themselves as significant participants in the entertainment realm. 

The Snappys will be emceed by comedian and creator Matt Friend and are set to occur at Snap’s headquarters in Santa Monica. Snapchat has indicated it will share further information, including nominee lists, in the upcoming weeks.

Upon observing Elon Musk enthusiasts enthusiastically driving up a contract on the prediction market Kalshi that suggested the Department of Government Efficiency (DOGE) could successfully lower federal expenditures within a year, Alan Cole realized he had to make the bet, as reported in The Wall Street Journal about Cole’s earnings.

Cole, an international tax specialist, understood one thing in life: slashing federal spending wouldn’t happen overnight, he stated to the WSJ. Even if DOGE terminated certain federal contracts and downsized its workforce (which it indeed did), numerous existing commitments and the soaring federal debt would persist.

Consequently, he staked his entire life savings — exceeding $342,000 — on the opposing bet that the U.S. federal budget wouldn’t instantaneously contract. He gradually acquired 3% of a Kalshi prediction market that had escalated to $12 million (making some hedging bets during the process), he mentioned to the WSJ.

When the government published the 2025 year-end spending report on February 20, evidencing increases from 2024, Cole emerged with $470,300 and a substantial $128,000 gain.

A seasoned cybersecurity leader who prosecutors claimed “betrayed” the United States is set to serve a minimum of seven years in prison after admitting guilt to the theft and sale of hacking and surveillance tools to a Russian company.

Peter Williams, a former executive at U.S. defense contractor L3Harris, received a sentence of 87 months on Tuesday for disclosing trade secrets from his former employer in exchange for $1.3 million in cryptocurrency between 2022 and 2025. He sold these exploits to Operation Zero, described by the U.S. government as “one of the most notorious exploit brokers globally.” 

The conviction of Williams is part of one of the most notable breaches of sensitive, Western-developed hacking tools in recent times. Even with the conclusion of the case, many questions remain unanswered.

Williams, a 39-year-old Australian national living in Washington, D.C., was the general manager of Trenchant, the segment of L3Harris responsible for creating hacking and surveillance instruments for the U.S. government and its key intelligence partners globally. Prosecutors suggest Williams exploited his “full access” to the company’s secure networks to transfer hacking tools to a portable hard drive, and subsequently to his personal computer. He communicated with Operation Zero using an alias, making it uncertain whether they knew his true identity.

Trenchant comprises a team of hackers and bug hunters who deeply analyze popular software produced by companies like Google and Apple, pinpointing vulnerabilities in vast lines of code, then inventing methods to convert these vulnerabilities into usable exploits that can reliably compromise those products. These tools are commonly referred to as zero-day exploits due to their exploitation of software defects unknown to the developer, often valued in the millions.

The U.S. Department of Justice claimed that the hacking tools sold by Williams could have enabled their users to “potentially access millions of computers and devices globally.”

For several months, I had been in conversations with sources and covering Williams’ situation before news of his arrest circulated. However, the information I gathered was fragmented and at times inconsistent. I had heard of an arrest, but due to the clandestine nature involved in exploit development, establishing the facts would prove difficult.

Initially, when I learned of Williams, I wasn’t certain I had even accurately identified him. At that time, his story circulated as a rumor within the confidential networks of zero-day exploit developers, sellers, and individuals linked to the intelligence sector. 

I heard varying names, perhaps John, or maybe Duggan? Or all the various ways to spell that in English. 

Some of the early rumors were conflicting. It seemed he had taken zero-days from Trenchant and sold them to Russia, or possibly to another adversary of the United States and its allies, like North Korea or China? 

It took several weeks just to verify that indeed there was an individual who matched that description. (It became apparent that Williams’ middle name is John, and Doogie is his hacker alias.)

Over time, as the reporting proceeded, clarity began to emerge. 

The Russian connection

As I initially disclosed in October, Trenchant terminated an employee after Williams, who was still leading Trenchant at that point, accused him of stealing and leaking Chrome zero-days. This situation grew even more intriguing when the employee informed me that after his dismissal, Apple alerted him that someone had targeted his personal iPhone.

What I uncovered was merely the beginning. I had gathered more from my sources, yet we were still piecing the narrative together. 

Shortly thereafter, prosecutors formally accused a man named Peter Williams of stealing trade secrets, which first appeared in the U.S. public court documentation. The initial court filing confirmed that the purchaser of these secrets was a buyer based in Russia.

However, there was no direct mention of L3Harris or Trenchant, nor was it established that the trade secrets that Williams pilfered were zero-days. Importantly, we still could not definitively verify whether it was the same Peter Williams thought to possess access to highly sensitive exploits as Trenchant’s head, or if this was just an unfortunate case of mistaken identity.

We still weren’t there.

On a hunch, with nothing to lose, we reached out to the Department of Justice to inquire if they would verify that the individual named in the document was indeed Peter Williams, the former head of L3Harris Trenchant. A spokesperson confirmed.

At last, the story became public. A week later, Williams entered a guilty plea. 

When I first learned about his situation, I trusted my sources, yet I remained doubtful. Why would someone like Williams engage in the actions described by the rumors? Yet he did, allegedly for financial gain, which he utilized to purchase a home, jewelry, and luxury watches. 

This marked a significant fall from grace for Williams, once considered a talented and brilliant hacker, and particularly for someone who had previously served at Australia’s foremost foreign intelligence agency and in the nation’s military. 

What happened to the stolen exploits?

We still lack specific details regarding which exploits and hacking tools Williams appropriated and distributed. Trenchant projected a loss of $35 million, according to court records. However, Williams’ legal team indicated that the pilfered tools were not designated as classified government secrets.

We can deduce certain insights based on the case’s circumstances. 

Since the Justice Department stated that the stolen tools could be utilized to infiltrate “millions of computers and devices,” it is plausible that they pertain to zero-days in widely-used consumer software such as Android devices, Apple’s iPhones and iPads, and various web browsers.

There is some evidence suggesting this direction. At a hearing last year, prosecutors recited a post from Operation Zero on X, as per independent cybersecurity journalist Kim Zetter, who attended the hearing. 

“Due to high demand on the market, we’re increasing payouts for top-tier mobile exploits,” stated the post, explicitly mentioning Android and iOS. “As always, the end user is a non-NATO country.”

Operation Zero offers significant sums for insights into security vulnerabilities in Android devices and iPhones, messaging applications like Telegram, as well as various software, such as Microsoft Windows, and hardware vendors, including multiple brands of servers and routers. 

Operation Zero alleges cooperation with the Russian government. When Williams sold the exploits to the Russian broker, Putin’s extensive invasion of Ukraine was already active.

On the day Williams was sentenced, the U.S. Treasury announced sanctions against Operation Zero and its founder Sergey Zelenyuk, labeling the organization a national security hazard. This was the first government confirmation that Williams had sold the exploits to Operation Zero. 

In its statement, the Treasury noted that the broker “sold those stolen tools to at least one unauthorized user.” At this juncture, we remain unaware of the identity of this user, who could be a foreign intelligence agency or possibly a ransomware group, as the Treasury also sanctioned Oleg Vyacheslavovich Kucherov, an alleged member of the Trickbot gang, who reportedly worked with Operation Zero.

In a court filing, prosecutors indicated that L3Harris managed to determine that “an unauthorized vendor was selling a component” of one of the stolen trade secrets “by matching company-specific vendor data found on a stolen component.” 

Prosecutors also claimed that Williams “recognized code he authored and sold” to Operation Zero “being used by a South Korean broker,” further implying that both L3Harris and prosecutors are aware of which tools were pilfered and sold to Operation Zero. 

Another question that remains is: Did anyone, whether the U.S. government or L3Harris, notify Apple, Google, or whichever technology company’s products were compromised by the zero-day vulnerabilities, now that the exploits had leaked?

Any organization or developer would want to ascertain that someone could have employed (or could still utilize) a zero-day against their users and clients to patch the flaws as quickly as possible. At this point, the zero-days are of no benefit to L3Harris and its government clients.  

Inquiries to Apple and Google yielded no responses. L3Harris also did not provide a reply. 

Who hacked the scapegoat, and why?

Then there is the enigma of the scapegoat, who was dismissed following Williams’ allegations of theft and leaking of code.

During sentencing, Justice Department prosecutors affirmed that the employee was terminated, stating that Williams “stood idly by while another employee of the company was essentially blamed for [his] own actions.” In defense, Williams’ attorney countered prosecutors by asserting that the former employee “was dismissed for misconduct,” referencing claims of dual-employment and improper management of the company’s intellectual property.

According to a court document filed by Williams’ legal representatives, in the course of the L3Harris internal investigation, the company placed the employee on leave, confiscated his devices, sent them to the U.S., and “offered them to the FBI.” 

In response to requests for comments, an unnamed FBI spokesperson stated that the bureau had nothing further to contribute aside from the Justice Department’s press release. 

After his termination, the employee, who we’re identifying as Jay Gibson, received a warning from Apple stating that his personal iPhone was targeted “with a mercenary spyware attack.”

Apple issues these alerts to users it suspects are targeted by attacks utilizing tools produced by firms like NSO Group or Intellexa.

Who attempted to hack Gibson? He received the alert on March 5, 2025, more than six months after the FBI investigation had commenced. The FBI “regularly interacted with [Williams] in late 2024 through the summer of 2025,” according to a court document.

Considering the nature of the leaked tools, it is reasonable to speculate that the FBI, or possibly even a U.S. intelligence agency, might have targeted Gibson as part of the inquiry into Williams’ leaks. However, we cannot say for certain, and it’s possible that neither the public nor Gibson will ever learn the truth.

Updated to clarify the 22nd paragraph attributing the tools’ lack of classification to Williams’ attorneys.