End-to-end-encryption doesn't protect you if the company holding your keys can be coerced by central authority (eg. Apple, Google, Microsoft, etc.). It's been long speculated that many world governments have this capability, and all of it is enabled by the inroads the US government has with domestic tech superpowers.
Believe whatever you want to believe, but I doubt this was a freudian slip. This dude probably saw an internal recon kit that could feasibly have these capabilities, and accidentally got caught bragging about it to the press. Happens very often in the USA as well.
I'm confident there is some sort of capability for Aus intelligence agencies, and five eyes by definition, to intercept WhatsApp and Signal messages.
How that may work is a bigger question. I suspect indirect. For example: silent and targeted deployment of a "software update" to a specific ios or Android device.
Companies break state surveillance capabilities all the time. With every patch some opportunities close which is why agencies hoard exploits to give them a resilient capability. Apple doesn't take permission, we know this from their pushback against the FBI trying to get them to change code to unlock that iPhone.
Believe whatever you want to believe, but I doubt this was a freudian slip. This dude probably saw an internal recon kit that could feasibly have these capabilities, and accidentally got caught bragging about it to the press. Happens very often in the USA as well.