On June 29 at REcon, Citizen Lab senior researcher Bill Marczak and co-presenter Daniel Roethlisberger will recount how they discovered a Pegasus exploit targeting iOS 10 devices back in 2017. They will describe their investigation, analyze the root cause of the vulnerability, detail how the exploit leveraged the vulnerability to gain code execution after boot, and explain how the vulnerability was mitigated.