Developer xyz just published a lengthy and detailed explanation of the WebKit exploit (used in the HENkaku hack on PS Vita 3.60) on his blog.
The first step of the HENkaku hack is a WebKit exploit, based on a proof of concept acquired by Team Molecule from an undisclosed source. The exploit was not a known bug in WebKit, at least not publicly.
In the writeup, xyz explains how the exploit is initially triggered, and how it obtains arbitrary read/write access to memory while defeating ASLR, stack pivot protection, and the other security measures put in place on the Vita to prevent arbitrary code execution. Xyz also explains how the WebKit part of the hack was patched in firmware 3.61.
Yifanlu has challenged people from the security community to reverse engineer the HENkaku exploit, in an attempt to bring more interest to the Vita hacking scene. Xyz, as one of the hackers behind HENkaku, is not participating in the challenge but promised to bring full explanations after other people unravel more layers of the exploit by themselves.