My assumption is that most CAs have someone working for them who is also employed by an intelligence agency, possibly more than one from any given agency and more than one agency per CA (and more than one national government, e.g. both Russia and the USA have intelligence interests in Russia); this may be any combination of actively inserting malware, passively watching to get forewarning of zero-days before the CAs themselves know about them, and actively advising the CAs about exploits the agencies know about that aren't public yet.
Most of the agencies are likely to be more subtle than this, given it took Snowden's whistleblowing for us to learn about much of what they actually got up to.
But not all of them will be super-competent, and some of them will be spotted from the outside in much the way this was.
Most of the agencies are likely to be more subtle than this, given it took Snowden's whistleblowing for us to learn about much of what they actually got up to.
But not all of them will be super-competent, and some of them will be spotted from the outside in much the way this was.