This article, covers a recent tweet that displayed a vulnerability where a specific SSID name could permanently disable an iPhone's wifi functions. Luckily for user, @vm_call, a user in the replies found a way to fix the wifi. The article covers the process by which the SSID is processed and what the actual issue that causes the crash is. It seems a bit weird to write a blog post about a blog post, but this topic was incredibly interesting and the original tweet and the conversation around it was fun to follow. As for the potential for exploitation for this vulnerability, it isn't something that could be used in it's current state. The target can see the name of the SSID they are connecting to, so they would know that they were connecting to a potentially dangerous network.
Wifi fragmentation and aggregation attacks (FragAttacks) are a new collection of vulnerabilities in which a threat actor can exfiltrate data or attack victims within radio range. Mathy Vanhoef, a postdoctoral researcher at New York University Abu Dhabi, recently published his paper, Fragment and Forge: Breaking Wi-Fi through Frame Aggregation and Fragmentation , detailing several attack vectors and examining the intricacies of the aggregation vulnerabilities that have been part of the 802.11 standards since the inception in 1997. Quite interestingly, every device tested was susceptible to one or more of the FragAttacks. While several 802.11 standards make these attacks harder to perform, they can be executed on all devices across all standards. It's a good thing then, that there was a nine-month embargo on information related to these attacks, allowing manufacturers to provide security updates to affected devices. Mathy Vanhoef has also created a website documenting the FragAttack