I don't usually post random tech news type articles here, but this story is really interesting to me, and I didn't see it when it came out a few months ago.
To summarize:
Apple devices will respond to any seemingly valid bluetooth packet purporting to be from an AirTag and broadcast that out to their network. If an attacker then says to the network "Hey have you seen my device with ID 1234?" the network will forward those packets along to them. The key problem is that small amounts of arbitrary data can be inserted into those packets. The example given the the POC attack is a hardware keylogger which uses the Find My network to transmit recorded keystrokes without using the devices network (which might be detected), or even if the device is totally offline.
To be clear, this has nothing to do with tracking the location of a device, and instead is just taking advantage of Apple's Find My network to transmit messages in places where it might not otherwise be possible.
