Security researchers found a critical vulnerability in Google's Fast Pair protocol, called “WhisperPair,” allowing attackers to hijack Bluetooth audio devices to track and eavesdrop on users. The flaw affects numerous devices, regardless of smartphone OS, due to improper implementation allowing unauthorized pairing. Attackers can exploit it from up to 14 meters away, gaining control of the devices for malicious purposes. Google awarded researchers $15,000, but security updates are still pending for many devices. Users must install firmware updates to mitigate risks.
Critical WhisperPair Flaw Lets Hackers Track, Eavesdrop Via Bluetooth Audio Devices

