A new earbud security flaw may expose you to remote eavesdropping - here's how to fix it

Researchers disclosed 'WhisperPair,' a family of critical flaws in many implementations of Google's Fast Pair protocol for Bluetooth audio accessories that can allow attackers to covertly pair with headphones/earbuds, control them (volume, etc.), record conversations, and even register and track devices via Google's Find Hub; a CVE (CVE-2025-36911) was assigned, vendors have released patches for some devices, and the researchers recommend installing firmware updates as the sole reliable mitigation.