All of the things you don't expect hackers to be able break into, it surely has to be a humble set of headphones, earbuds, or wireless speakers. However, if they happen to use a specific Bluetooth pairing technology from Google, then there is a possibility that someone could remotely control the device, tap into the microphone, or even track its location.
The tech in question is Google's Fast Pair system, which allows compatible devices to connect super quickly (i.e. one tap and you're done). As reported by Wired, researchers at KU Leuven University in Belgium analysed a range of different audio devices and discovered that the Bluetooth protocols used were vulnerable to being remotely hacked.
Rather than just your phone being hooked up to your spangly new headphones, somebody else could join the connection, entirely undetected. Once in, they could do something as innocent as change volume levels or, far more worryingly, listen to what the microphones are picking up. Worse still, if the device supports Google's Find Hub tracking network feature, the location could be monitored.
As with all such vulnerabilities, there isn't just one hack, but a collection of techniques that can be employed. The researchers have given this cohort the name WhisperPair, which seems like a far too friendly name for something so nefarious. While this might seem all very alarming, the good news is that the Belgian team passed on the discovery to Google straight away.
"We reported our findings to Google in August 2025, which classified the issue as critical (CVE-2025-36911). We agreed on a 150-day disclosure window, during which Google could work with their ecosystem partners to release security patches."
However, it's worth noting that while Google told Wired that it "worked with these researchers to fix these vulnerabilities, and we have not seen evidence of any exploitation outside of this report’s lab setting," any fix requires the end user to update the firmware on their audio devices. Wired also received word from the researchers that they discovered a bypass for the Find Hub fix, and there's still no word on a full solution yet.
If you think you have a headset or speaker system that could be affected, I'd check with the vendor immediately. I don't say this to be alarming, but the more people that request a fix from vendors, the quicker they'll be rolled out, if they haven't already.
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
.png){kind=logo}
2 hours ago
2
English (US) ·