This time, the vuln du jour is due to failure to sanitize a user-input field—specifically, the phone number field AirTag ... victim's phone to a zero-day no-click browser vulnerability.