> CVE-2025-43529 allows threat actors a direct code execution capability, while CVE-2025-14174 provides the much needed sandbox escape and privilege escalation capabilities which makes it devastating
Good news for people wanting to run the code they want on their own devices?
Yep! It's good for jailbreaking, but it's a double edged sword because it's a similar approach that offensive actors use.
Most users lack the domain experience needed to protect and maintain hygiene against threat actors.
you and your friends can both run code on your device!
this assumes your friends are actually a North Korean APT