SS7 protocol is still vulnerable even though it's known since at least 2014 that it can be used (and has been in wild) for man-in-the-middle attacks. And we're talking of one of the core protocols of every cellular network in the world.

Security (and especially infra-sec) unfortunately just doesn't keep up with the real world challenges that well...