pull down to refresh

The flaw has been found in the WebKit browser engine developed by Apple, and it allows attackers to gain arbitrary code execution on targeted devices by tricking the targets into opening web pages containing maliciously crafted content.
Bad. Big bad.