Out of curiosity, how often do you see recycled gov techniques e.g. something the NSA or the like did shows up rehashed elsewhere later on in another groups code?
Almost never. The NSA operates mostly not via code planting, but by leaving exploits intentionally unpatched. This makes them difficult to track, but also makes it nearly impossibly to say not running an MS antivirus or something like it is dangerous if the alternative is nothing.
I will state that I think the NSA has been stepping back from those activities lately given the public backlash, but that's just opinion, mostly.
I did see some firmware level rootkits that are supposedly NSA grade stuff, one of them is documented here. But I found no evidence linking the actual culprit to the NSA, more to somewhere more... eastern if anything.
My woman does, and that's all that matters.
Good on you.