Audio Accessory Flaw Converts Headphones Into Spy Tool

'WhisperPair' Flaw Likely to Endure for Years Greg Sirico • January 23, 2026

A hacker could secretly record phone conversations, track users' locations and blast music through headphones due to a flaw in implementations of a Google-developed low-energy technology for discovering nearby Bluetooth devices.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

Researchers at the Belgium’s KU Leuven University Computer Security and Industrial Cryptography group disclosed this month that a smart device system called Fast Pair can allows attackers to forcibly pair a wireless accessory such as headphones or earbuds with an attacker-controlled device.

The team behind the disclosure dubbed the vulnerability "WhisperPair." The flaw, tracked as CVE-2025-36911, lies in how many accessory manufacturers implement Fast Pair. Namely, researchers said, they allow devices to pair with accessories even if the accessory is not in pairing mode.

A WhisperPair attack "succeeds within seconds (a ...