Before the days of Electra and unc0ver dawned upon us, there was Yalu, an iOS 10-centric jailbreak too by the talented hacker Luca Todesco (@qwertoruiopz); but apart from a few teasers here and there, the jailbreak community hasn’t heard much him since the Yalu days – that is, until now.
In a bombshell Tweet shared this week, Todesco released what appears to be a WebKit-based exploit that allows remote code execution (RCE) in web browsers with JIT. What’s more is that the exploit was only just fixed three days ago, which means it should be viable on all versions of iOS up to Apple’s latest release – 12.1.4: