Magnet Forensics Accuses Former Contractor of Leaking iPhone Chip Flaw
Magnet Forensics sues ex-contractor over leaked iPhone hacking flaw.
Canadian cybersecurity company Magnet Forensics has filed a lawsuit against a former contractor, alleging he stole confidential trade secrets related to a previously undisclosed iPhone security vulnerability and shared them with a competing firm. The lawsuit, filed in the US District Court for the Northern District of Georgia, names former contractor Mario Del Gaudio and Spain-based Paradigm Shift Technology S.L. as defendants. According to the complaint, the alleged disclosure involved a zero-day vulnerability affecting Apple's A12 and A13 iPhone chips, technology that Magnet claims was central to its forensic tools used by government and law enforcement agencies.
Magnet Forensics alleges that the vulnerability was publicly revealed through a research blog published by Paradigm Shift Technology after Del Gaudio left the company. Zero-day vulnerabilities are software or hardware flaws that are unknown to developers and security teams, leaving them vulnerable to exploitation until a fix is developed. The company argues that making the flaw public significantly reduced its commercial value by alerting Apple to the issue, allowing the company to investigate and potentially patch the vulnerability before customers could continue using the exploit.
According to court filings, Del Gaudio worked directly on the A12 and A13 exploit while serving as an iOS exploit engineer for Magnet Forensics. The company claims he spent months developing the capability before later contributing to Paradigm Shift's published research on the same vulnerability. Magnet alleges this breached contractual obligations, including confidentiality agreements signed during his engagement with the company. It further claims the disclosure caused "irreparable harm and continuing damage" to its business and intellectual property portfolio.
Also Read: Apple Sues OpenAI Over Alleged Theft of Trade Secrets
The lawsuit states that Magnet's technology enables authorised government agencies and law enforcement organisations to access, recover and analyse digital evidence from iPhones that would otherwise remain inaccessible. The company serves more than 6,000 public and private sector customers across approximately 100 countries. Magnet was acquired by private equity firm Thoma Bravo in 2023 in a deal valued at around $1.3 billion, reflecting the growing importance of digital forensics and cybersecurity solutions worldwide.
Magnet Forensics also claims it issued multiple cease-and-desist notices requesting that the research be removed from public view. However, the company says the material remains available online. Neither Del Gaudio, his legal representatives, nor Paradigm Shift Technology immediately responded to media requests for comment. Apple also did not issue an immediate response regarding the alleged vulnerability or the legal proceedings.
The case highlights the increasing commercial value of zero-day exploits and the legal disputes that can arise over their ownership and disclosure. Such vulnerabilities are highly sought after in the cybersecurity industry because they provide access to systems before software vendors develop security patches. The lawsuit follows other high-profile cases involving stolen hacking tools, including a 2025 criminal case in which a former government contractor was sentenced to prison for stealing and selling offensive cyber capabilities to a Russian intermediary.
Also Read: India's First Private Orbital Rocket Vikram-1 Set For Historic Liftoff Today