Millions of Bluetooth headphones at risk of eavesdropping security flaw

Researchers at KU Leuven in Belgium have discovered a serious security vulnerability (called “WhisperPair”) that exists in millions of wireless headphones from several well-known brands, reports Wired.

The vulnerability can be used for both tracking and eavesdropping, without the user even realizing it. It’s due to a security flaw in the Google Fast Pair Bluetooth function. iPhone users are also affected.

A total of at least 17 headphone models from 10 manufacturers are affected, including Sony, Jabra, JBL, Marshall, Xiaomi, Nothing, OnePlus, Soundcore, Logitech, and Google.

Google has confirmed the security flaw and is rolling out security updates in cooperation with these manufacturers. You can check whether your headphones are affected on this web page. If your headphones are on the list, you should update their firmware as soon it’s available.