Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices

Security researchers have discovered a critical vulnerability in Google's Fast Pair protocol, dubbed WhisperPair, that can allow attackers to hijack Bluetooth audio accessories, track users, and eavesdrop on their conversations. The flaw affects hundreds of millions of wireless headphones, earbuds, and speakers from multiple manufacturers that support Google's Fast Pair feature. Google awarded the researchers $15,000 and worked with manufacturers to release security patches, but updates may not yet be available for all vulnerable devices. The only defense against attackers hijacking vulnerable Fast Pair-enabled Bluetooth accessories is installing firmware updates from device manufacturers.