I doubt you will find an answer here, but a few bits of anecdata:

1. CIA had recruiting events that invited STEM majors at my university, I suspect they do this very broadly.

2. Our funding came partially from the Air Force and part of the rules was our data and source had to be open. We know from conversations and other details from integrating with Air Force partners that they had models like ours that were an order of magnitude more accurate because they amalgamated models from all academics in our field and had their own career scientists on staff (often coming up through military ranks)

Don't think of it as a materials simulation engineer being recruited and trained on how to write complex malware.

Rather this was developed by a team of 6-8 people. Maybe two or three of them working on the implant, another engineer handling the exploits and propagation, and yet another building the LP and communications channels. They are supported by a scientist with deep knowledge of the process they are messing around with (say developing nuclear weapons), and a mathematician that knows how to introduce subtle and undetectable errors.

Try to remember how hypothetical everything tended to be before Snowden. And 'twas a meager pittance that was revealed. They have toys that'd blow minds and people yee'd swear weren't people. It's all fun and games to poke fun, but holy shit those guys are NTBF'dW.

Every academic institution, every school, all under the radar of recruitment and more. It's difficult to believe, but the network is real.

There are certainly people here on HN who've been solicited, most who'll never mention it.

It's fun to imagine, though, what tight groups of highly motivated, stupidly intelligent people can do when they collectively commit to doing so - and with a hefty budget to assist.