This lets an hacker to design emails that load remote HTML content when opened.

The username and password collected from the victim are then mailed back to the hacker.

Soucek has published the source code for an iOS 8.3 inject kit onGitHub.

Apple iOS flaw can be exploited to steal user id and password with a phishing email

Even if the faults are fixed, these variants are currently for use to developers only.

source: www.techworm.net