While the regular item tracker opens the Find My website, researchers created a modified item tracker that opens a non-related URL, which could be used for phishing or anything else.
Source: cyware.com