Canadian cybersecurity company Magnet Forensics Inc. has filed a lawsuit against a former contractor, accusing him of leaking confidential information about a previously undisclosed iPhone security flaw to a competing cybersecurity firm.
The lawsuit was filed in the US District Court for the Northern District of Georgia against Mario Del Gaudio and Spanish cybersecurity company Paradigm Shift Technology S.L.
According to Magnet Forensics, the disclosure exposed a valuable zero-day vulnerability that the company had been using to help government agencies access locked iPhones during criminal investigations.
What Is the Dispute About?
Magnet Forensics alleges that Mario Del Gaudio shared confidential trade secrets related to an undisclosed security flaw affecting Apple’s A12 and A13 chips, which power several iPhone models.
The company claims the vulnerability was later published on Paradigm Shift Technology’s blog, making the information publicly available.
Magnet argues that once the flaw became public, Apple was alerted to the vulnerability and gained the opportunity to fix it. As a result, the exploit lost much of its commercial value for the company’s government customers.
The lawsuit describes the disclosure as causing “irreparable harm and continuing damage” to the business.
Neither Del Gaudio, his lawyer, nor Paradigm Shift Technology had responded to requests for comment at the time of reporting.
What Is a Zero-Day Vulnerability?
A zero-day vulnerability is a software or hardware security flaw that is unknown to developers and cybersecurity teams.
Because the issue is not yet discovered or patched, attackers can exploit it before a security update becomes available. These vulnerabilities are considered highly valuable because they provide access to systems that would otherwise remain secure.
Cybersecurity companies often discover such flaws and, in some cases, develop specialised tools that government agencies use for lawful investigations.
Magnet Forensics’ Claims
According to the court filing, Magnet Forensics developed a hacking capability using the A12 and A13 chip vulnerability. The tool reportedly allowed authorised law enforcement agencies to recover and analyse data from iPhones that would otherwise remain inaccessible.
The company said Del Gaudio worked directly on developing this exploit while serving as an iOS exploit engineer for Magnet.
However, Magnet now alleges that he later participated in research published by Paradigm Shift involving the same vulnerability, violating the confidentiality agreement he had signed during his time with the company.
The lawsuit also states that Magnet sent several cease-and-desist letters, but the research remains publicly available online.
Company Background
Magnet Forensics is one of the world’s leading digital investigation companies.
The company provides forensic software and cybersecurity tools to more than 6,000 public and private sector customers across 100 countries.
In 2023, private equity firm Thoma Bravo acquired Magnet Forensics in a deal valued at $1.3 billion, further expanding its presence in the digital forensics industry.
Growing Concern Over Cybersecurity Secrets
The case highlights the growing competition among cybersecurity firms that develop advanced digital investigation tools for government agencies.
It also follows another high-profile incident in 2025, when a former government contractor working for military contractor L3Harris Technologies Inc. pleaded guilty to stealing offensive hacking tools and selling them to a Russian broker. He was later sentenced to more than seven years in prison.
As cyber tools become increasingly valuable, disputes over confidential exploits and trade secrets are becoming more common within the cybersecurity industry.
The court will now determine whether the former contractor violated his contractual obligations and whether the alleged disclosure caused financial losses to Magnet Forensics.
