The Broadcom WiFi is a particularly large binary blob that runs on its own CPU, with full access to device RAM. And that's just the WiFi.

It was published in WikiLeaks back in 2015 or so that the American intelligence agencies patch those blobs with their malware on the manufacturing line. A long list of products and details about the exploits was revealed. My understanding is they work as passive spy devices, but don't contribute to mass surveillance by regularly sending data, instead laying dormant and ready for targeted intelligence gathering.