Trezor developer confirms private keys can be extracted if firmware is corrupt

A developer has acknowledged that a malicious firmware update can "exfiltrate" the seed and record the passphrase of a Trezor device