Apple forgot to sanitize the Phone Number field for lost AirTags

3 years ago
Anonymous $WHrWmjSJBZ

https://arstechnica.com/information-technology/2021/09/apple-airtags-can-be-abused-to-direct-finders-to-malicious-websites/

The hits keep coming to Apple's bug-bounty program, which security researchers say is slow and inconsistent in responding to its vulnerability reports.

This time, the vuln du jour is due to a failure to sanitize a user-input field—specifically, the phone number field AirTag owners use to identify their lost devices.
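As an added example (not part of the original post and not Apple's code), one way to handle a phone number field like the one described is allow-list validation when the value is saved plus HTML encoding when it is displayed. The function names, the page markup and the sample inputs are assumptions constructed for illustration.

```javascript
// Added example: hypothetical helpers, not taken from the article or any vendor.

// Shape check: optional leading "+", then digits and common separators only.
const PHONE_SHAPE = /^\+?[0-9 ().-]{7,24}$/;

// Validate on input. Returns a normalized number, or null if the value
// is not a phone number (letters, angle brackets, quotes and URLs all fail).
function normalizePhone(raw) {
  if (typeof raw !== "string") return null;
  const trimmed = raw.trim();
  if (!PHONE_SHAPE.test(trimmed)) return null;
  const digits = trimmed.replace(/[^0-9]/g, "");
  // E.164 allows at most 15 digits; 7 is an assumed practical minimum.
  if (digits.length < 7 || digits.length > 15) return null;
  return (trimmed.startsWith("+") ? "+" : "") + digits;
}

const HTML_ESCAPES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// Encode on output, independent of whether input validation ran.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Render the (hypothetical) "found item" page fragment. The stored value is
// always encoded, so a record saved before validation existed stays inert.
function renderFoundPage(storedPhone) {
  return `<p class="contact">Owner phone: ${escapeHtml(storedPhone)}</p>`;
}

// Constructed sample inputs for the owner-supplied field.
const SAMPLES = [
  "+1 (555) 010-0199",
  '<a href="https://example.invalid">call me</a>',
  "555-0100 or see example.invalid",
];

// Returns which samples would be accepted for storage.
function checkSamples() {
  return SAMPLES.map((s) => ({ input: s, stored: normalizePhone(s) }));
}
```

Validation and encoding are kept separate on purpose: the first keeps bad data out of storage, the second keeps whatever is in storage from being interpreted as markup.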