SIM cards are arguably the most widespread hardware devices on the globe, so finding a vulnerability in them and exploiting it could have an enormous impact. Linus N gave a workshop with an overview of the recent vulnerability found in SIM cards. In essence, providers can reprogram SIM cards to update them. This is done through so-called OTA (over-the-air) messages, binary text messages used by the GSM protocol.
Although these messages are encrypted and signed, an error allows SIM cards to return keys, and poor configuration makes some SIM cards use DES instead of triple DES.
Exploiting these vulnerabilities allows you to reprogram the SIM card yourself and, in certain cases, to access the passphrase of the SIM card, which allows for cloning and other malicious behaviour.