There's a new exploit for Broadcom wifi (specifically BCM43xx series) that is in around a BILLION smart phones. Android and iOS both use Broadcom for wifi. Not only does this exploit let an attacker within broadcast range of a device execute unsigned code, but the device can be made to carry the malware and infect others within range.
http://hackaday.com/2017/07/29/broadpwn-all-your-mobiles-are-belong-to-us/When this goes live, it's going to be huge. Glad I've still got my iPhone 4s which isn't on the list:
* Samsung Galaxy from S3 through S8, inclusive
* All Samsung Notes3. Nexus 5, 6, 6X and 6P
* All iPhones after iPhone 5