Apple accidentally unpatched a vulnerability first patched in iOS 12.3, and researchers used it to create an iOS 12.4 jailbreak (via Motherboard).
iOS 12.4 Jailbreak
Over the weekend, security researchers discovered that a vulnerability that Apple patched in iOS 12.3 was accidentally unpatched in iOS 12.4. This is the first jailbreak for current iPhones in years. The vulnerability was found over 100 days ago by Google’s Project Zero. This leaves Apple customers in potential danger, because security holes that enable jailbreaking also leave the iPhone wide open for malicious hacking.
The researcher told Motherboard that “somebody could make a perfect spyware” taking advantage of Apple’s mistake. For example, he said, a malicious app could include an exploit for this bug that allows it to escape the usual iOS sandbox—a mechanism that prevents apps from reaching data of other apps or the system—and steal user data…
“It is very likely that someone is already exploiting this bug for bad purposes,” Pwn20wnd said.
Further Reading:
[Apple Arcade Early Access Program Suggests $5 Subscription]