Key Reinstallation Attacks, or KRACKs (follow the link for the full article). The 3rd message of the 4-way handshake is mimicked by the attacker, forcing a client to reinstall the same encryption key over and over. This can be done because Access Points can re-transmit message 3 if they don’t receive an appropriate response, meaning that a client can also receive the message multiple times. It’s especially effective against anything using wpa_supplicant, such as Android phones.
To counter this, I assume some kind of security patch or other will be released soon, but this could mean the replacement of WPA-2. Only now we have a lot more replacing to do than when other protocols were replaced, which means a lot of devices are still going to be using WPA-2.
Edit: Also, I’m sure you guys already know this (we are on rootsh3ll.com after all) but please, protect your shit. Don’t do stupid stuff like make your online bank account password boobies12 and then save it in a cookie.
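
The key reinstallation described in the post above, as an added example that is not part of the original post and is not wpa_supplicant code: a simplified client model showing that reinstalling the same key on a repeated message 3 resets the per-key packet number (nonce), and that a client which declines to reinstall a key already in use does not. `ToySupplicant`, `run_session` and `reused_nonces` are hypothetical names, the key is a constructed value, and the HMAC-based keystream is a stand-in for the real cipher.

```python
import hashlib
import hmac


class ToySupplicant:
    """Simplified client model (assumption); not wpa_supplicant code."""

    def __init__(self, patched):
        self.patched = patched
        self.key = None
        self.nonce = 0  # per-key packet number; must never repeat

    def on_message3(self, key):
        # Patched behaviour: a repeated message 3 carrying the key that is
        # already in use must not reset the packet number.
        if self.patched and key == self.key:
            return
        self.key = key
        self.nonce = 0  # (re)installation resets the packet number

    def send(self, plaintext):
        self.nonce += 1
        # Toy keystream: HMAC-SHA256 over the nonce, standing in for the cipher.
        stream = hmac.new(self.key, self.nonce.to_bytes(8, "big"),
                          hashlib.sha256).digest()
        return self.nonce, bytes(p ^ s for p, s in zip(plaintext, stream))


def run_session(patched):
    """Two frames, a repeated message 3, then two more frames."""
    key = b"constructed-session-key"  # constructed sample value
    client = ToySupplicant(patched)
    client.on_message3(key)
    frames = [client.send(b"frame-A1"), client.send(b"frame-A2")]
    client.on_message3(key)  # same message 3 delivered a second time
    frames += [client.send(b"frame-B1"), client.send(b"frame-B2")]
    return frames


def reused_nonces(frames):
    """Return the sorted nonces that appear on more than one frame."""
    seen, dup = set(), set()
    for nonce, _ in frames:
        (dup if nonce in seen else seen).add(nonce)
    return sorted(dup)


if __name__ == "__main__":
    print("unpatched reuse:", reused_nonces(run_session(False)))
    print("patched reuse:  ", reused_nonces(run_session(True)))
```

In the unpatched run, frames sent before and after the repeated message 3 share a nonce and therefore a keystream, so XORing the two ciphertexts yields the XOR of the two plaintexts.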