WhisperPair: Hijacking Bluetooth Accessories Using Google Fast Pair WhisperPair is a family of practical attacks leveraging a flaw in the Google Fast Pair implementation on flagship audio accessories.

The paper on the security analysis of Google Fast Pair has been accepted at IEEE S&P (Oakland) 2026. It presents the first in-the-wild security analysis of Fast Pair and uncovers systemic ecosystem-wide failures.

#whisperpair #google #fastpair #bluetooth

whisperpair.eu

Curious about the #WhisperPair vulnerabilities in Google’s Fast Pair protocol - impacting hundreds of millions of Bluetooth devices? Join the authors next week for a free COSIC seminar on March 26 to learn more.
www.esat.kuleuven.be/cosic/?post_...

Ataque WhisperPair: ¿Están seguros tus auriculares? El ataque WhisperPair (CVE-2025-36911) es una vulnerabilidad en Google Fast Pair que permite espiar tus auriculares. Comprueba si estás afectado.

¡Alerta! El Ataque WhisperPair permite espiar a través de tus auriculares Bluetooth. Descubre en mi último artículo si estás afectado y cómo proteger tu privacidad. #Ciberseguridad #WhisperPair

Etes-vous impacté par WhisperPair? • Cryptrz La récente proof-of-concept de WhisperPair montre comment des écouteurs Bluetooth sont facilement piratable. Testons ensemble!

Etes-vous impacté par #WhisperPair, la faille qui permet d’espionner vos conversations et localiser votre téléphone ? (CVE-2025-36911 pour les intimes)

(Feat. Courte démo en vidéo)

cryptrz.org/wordpress/20...

Renard qui s'asume avec WhisperPair dans le bus pour pirater les vilains inconnus

Etes-vous impacté par #WhisperPair, la faille qui permet d’espionner vos conversations et localiser votre téléphone ? (CVE-2025-36911 pour les intimes)

(Feat. Courte démo en vidéo)

cryptrz.org/wordpress/2026/01/24/ete...

Hundreds of Millions of Audio Devices Need a Patch to Prevent Wireless Hacking and Tracking Flaws in how 17 models of headphones and speakers use Google’s one-tap Fast Pair Bluetooth protocol have left devices open to eavesdroppers and stalkers.

Will trade a free link to this Wired article for EU hosted WhisperPair affected devices website.

www.wired.com/story/google...

#Tech #Wired #Bluetooth #InfoSec #WhisperPair

Sayon Duttagupta successfully defended his PhD thesis on "Analysis and Design of Cryptographic Protocols for IoT Devices" today! 🥳🎓
Want to know more about Sayon's work? Check out the recent #whisperpair attack: www.youtube.com/watch?v=-j45...

Aktualizujte si firmware bluetooth sluchátek pokud se vás týká a můžete-li. #WhisperPair

www.youtube.com/watch?v=aXg1...

Aktualizujte si firmware bluetooth sluchátek pokud se vás týká a můžete-li. #WhisperPair

https://www.youtube.com/watch?v=aXg19zvF_xM

WhisperPair: un bug critico mette a rischio milioni di dispositivi Bluetooth

📌 Link all'articolo : www.redhotcyber.com/post/whi...

#redhotcyber #news #cybersecurity #hacking #bluetooth #vulnerabilita #googlefastpair #whisperpair

ワイヤレスイヤホンが盗聴器に？Google Fast Pairの仕様突く「WhisperPair」発覚。10秒・14m以内でデバイス制御を奪取、対象機器の確認と更新を Bluetooth機器のペアリングを簡略化する「Google Fast Pair」は、Androidユーザーにとって欠かせない機能です。しか... ### 関連記事: 1. JBL เปิดตัวหูฟังตระกูล Endurance รุ่นใหม่ที่ CES 2026 เน้นการออกกำลังกายและความทนทาน 2. JBL Rilis Empat Headphone Endurance Baru di CES 2026, Fokus Olahraga dan Latihan Intensif 3. JBL Endurance 新系列耳機亮相 CES 2026，涵蓋開放式、真無線、頸掛與有線設計

Last week on Malwarebytes Labs: * WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesdropping * Dutch police sell fake tickets to show how easily scams work * “Reprompt” attack lets attackers steal data from Microsoft Copilot * Phishing scammers are posting fake “account restricted” comments on LinkedIn * Online shoppers at risk as Magecart skimming hits major payment networks * How real software downloads can hide remote backdoors * Data broker fined after selling Alzheimer’s patient info and millions of sensitive profiles * Why iPhone users should update and restart their devices now * Received an Instagram password reset email? Here’s what you need to know * Regulators around the world are scrutinizing Grok over sexual deepfakes * Celebrating reviews and recognitions for Malwarebytes in 2025 Stay safe! * * * **We don’t just report on scams—we help detect them** Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

A week in security (January 12 – January 18) Last week on Malwarebytes Labs: Stay safe! Last week on Malwarebytes Labs: WhisperPair exposes Bluetooth earbuds and headphones to tracking and eavesd...

#News #Magecart #Reprompt #WhisperPair

Origin | Interest | Match

Wireless Earbuds Can Be Hacked. Here’s How to Protect Yourself. Wireless headphones that easily pair to Android phones can be hacked. Update your devices’ firmware to protect yourself.

🎧 #COSIC research on #Bluetooth earbuds & speakers vulnerable to hacking & tracking, featured in NY Times Wirecutter. www.nytimes.com/wirecutter/r...
▶️ Demo: youtube.com/watch?v=-j45...
#KULeuven #nytimes #google #whisperpair #fastpair

Kerentanan Google Fast Pair Dedahkan Ratusan Juta Aksesori Kepada Penggodam Google Fast Pair dilancarkan pada tahun 2017 untuk memudahkan aksesori audio dan jam tangan pintar ditambat kepada peranti Android. Ia mempunyai ciri tambatan pantas yang sama seperti di iOS. Tetapi penyelidik dari KU Leuven melaporkan penemuan kerentanan pada Fast Pair yang menyebabkan aksesori terdedah kepada intipan penggodam. Kerentanan yang diberi nama WhisperPair ini menyebabkan sebarang […]

WhisperPair、数億台のBluetooth 機器に深刻な脆弱性 CVE-2025-36911-Google Fast Pairの不備による盗聴・追跡リスクの実態|セキュリティニュースのセキュリティ対策Lab 2026年1月、セキュリティ研究者らによって、Googleの「Fast Pair」プロトコルを採用したBlue

#WhisperPair、　数億台のBluetooth 機器に深刻な脆弱性 CVE-2025-36911-Google Fast Pairの不備による盗聴・追跡リスクの実態

rocket-boys.co.jp/security-mea...

#セキュリティ対策Lab #セキュリティ #Security #サイバー攻撃

Miljoenen bluetoothapparaten met Google Fast Pair zijn vatbaar voor hack Securityonderzoekers van de KU Leuven hebben een kwetsbaarheid in apparaten met Google Fast Pair ontdekt. Daarmee kunnen hackers draadloze koptelefoons en oordopjes overnemen. Ze kunnen zo stiekem mee...

Securityonderzoekers van de KU Leuven hebben een kwetsbaarheid in apparaten met Google Fast Pair ontdekt. Daarmee kunnen hackers draadloze koptelefoons en oordopjes overnemen.
#WhisperPair

tweakers.net/nieuws/24372...

WhisperPair: Η κρίσιμη ευπάθεια στα ακουστικά Bluetooth που επιτρέπει σε χάκερ να σας παρακολουθούν Πώς το Fast Pair της Google αφήνει εκτεθειμένα δεκάδες δημοφιλή μοντέλα ακουστικών και τι πρέπει να κάνετε άμεσα για να προστατευτείτε.

⚠️Μια ομάδα ερευνητών ανακάλυψε το WhisperPair, μια ευπάθεια που επιτρέπει την υποκλοπή συνομιλιών και τον εντοπισμό τοποθεσίας μέσω Bluetooth ακουστικών. Δείτε τη λίστα με τα ευάλωτα μοντέλα. #WhisperPair #PixelBudsPro2 #SonyWH1000XM6 #RedmiBuds5Pro

Google Fast Pair Flaw Exposes Hundreds Of Millions Of Bluetooth Devices To WhisperPair Exploit, Patch ASAP WhisperPair exploits a vulnerability in Google Fast Pair functionality to enable nonconsensual device tracking and pairing.

#WhisperPair exploits a vulnerability in #Google Fast Pair #Bluetooth functionality to enable nonconsensual device tracking and pairing.

hothardware.com/news/google-...

Decine di produttori hanno implementato male Google Fast Pair.

La vulnerabilità WhisperPair consente il controllo remoto degli auricolari entro 15 metri.

Colpiti Sony, Xiaomi, Nothing e lo stesso Google.

🔒📱

#cybersecurity #fastpair #whisperpair

www.youtube.com/watch?v=-j45...

Un fallo en Fast Pair expone millones de auriculares y altavoces a un secuestro . Un fallo en el protocolo de 'Fast Pair' de Google ha hechos que auriculares, altavoces y otros dispositivos que se conectan por Bluetooth hayan sido vulnerables a ataques que facilitarían el acceso ...

"Un fallo en Fast Pair expone millones de auriculares y altavoces a un secuestro" (Ultima Hora)
www.ultimahora.es/noticias/tec...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

Golem.de: IT-News für Profis

"Sicherheitslücke macht Hörstöpsel zur Wanze" (Golem)
www.golem.de/news/google-...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

Let op: hackers kunnen je locatie tracken via je oordopjes | Androidworld.nl Er is een beveiligingsprobleem gevonden binnen Google Fast Pair waardoor hackers je kunnen tracken. Het gaat onder andere om Pixel Buds.

"Let op: hackers kunnen je locatie tracken via je oordopjes" (Android World)
androidworld.nl/nieuws/let-o...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

Miljoenen oordopjes en koptelefoons zijn kwetsbaar: wie luistert er met je mee? Onderzoekers van KU Leuven hebben een ernstig lek ontdekt in miljoenen draadloze oordopjes en koptelefoons. Je moet een update installeren om hier wat tegen te doen.

"Miljoenen oordopjes en koptelefoons zijn kwetsbaar: wie luistert er met je mee?" (Bright)
www.bright.nl/nieuws/17318...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack Even Google's own earbuds are vulnerable to the Fast Pair hack.

"Many Bluetooth devices with Google Fast Pair vulnerable to “WhisperPair” hack" (ars Technica)
arstechnica.com/gadgets/2026...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

Major security flaw affects Sony, Google, and other popular headphones Sony, Google, and other popular headphones have a security flaw that lets hackers hijack your audio, activate mics, and track your location.

"Major security flaw affects Sony, Google, and other popular headphones" (Sound Guys)
www.soundguys.com/google-fast-...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

WhisperPair attack exposes millions of Bluetooth devices to location tracking A critical flaw in Google's Fast Pair protocol allows attackers to forcibly hijack Bluetooth accessories and covertly track users.

"WhisperPair attack exposes millions of Bluetooth devices to location tracking" (Cyber Insider)
cyberinsider.com/whisperpair-...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

WhisperPair Attack Leaves Millions of Audio Accessories Open to Hijacking WhisperPair attack can be used to forcibly pair audio accessories that have improper Google Fast Pair implementations with attacker devices.

"WhisperPair Attack Leaves Millions of Audio Accessories Open to Hijacking" (Security Week)
www.securityweek.com/whisperpair-...
#cosic #kuleuven #WhisperPair #google #fastpair #bluetooth

重大な「 WhisperPair 」の欠陥が Google の Fast Pair プロトコルで明らかに、数百万台のヘッドフォンがハッキングや盗聴にさらされる

あなたのBluetoothヘッドフォンが盗聴器に？「WhisperPair」脆弱性でGoogle Fast Pair搭載の主要17機種が最大14m圏内でハッキングの危険に。詳細は記事で。
biggo.jp/news/202601161524_Google...

#PixelBudsPro2 #WhisperPair