frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Vulnerable WhisperPair Devices – Hijack Bluetooth Accessories Using Fast Pair

https://whisperpair.eu/vulnerable-devices
17•gnabgib•4d ago

Comments

nmstoker•1h ago
Was posted a few times recently:

https://news.ycombinator.com/item?id=46631720

miduil•1h ago
Previous discussion on ?a similar? vulnerability. That means there is yet another critical vulnerability from the same vendors, given the reporting date around ~August I hope this was addressed by Sony and Jabra around the same time.

https://news.ycombinator.com/item?id=46453204

   > Bluetooth Headphone Jacking: A Key to Your Phone [video]
   > 551 points
   > 223 comments
   > 21 days ago
I wonder if some people could find more affected versions or whether there is some tool to detect more models, as I would doubt this is being nearly complete given how many vendors rely on this supplier.
elnerd•1h ago
I have the impression this is not the same. In the linked video, they talked about unauthenticated functions in BLE if I recall correctly…
miduil•1h ago
yes sorry, just updated my comment shortly before you replied.

This is CVE-2025-36911, the other ones were CVE-2025-20700, CVE-2025-20701, CVE-2025-20702. Coincidentally a similar set of headphones affected.

This one also has a pairing vulnerability, but I assume fast pair is on the BLE level:

> To start the Fast Pair procedure, a Seeker (a phone) sends a message to the Provider (an accessory) indicating that it wants to pair. > [...] allowing unauthorised devices to start the pairing process [...]

It's a pity that this is only awarded with $15k, this is a really bad vulnerability - which clearly required thoughtful investigation, publishing, reporting, ... and would have a much bigger audience in the exploit market.

GPTZero finds 100 new hallucinations in NeurIPS 2025 accepted papers

https://gptzero.me/news/neurips/
593•segmenta•6h ago•305 comments

Show HN: isometric.nyc – giant isometric pixel art map of NYC

https://cannoneyed.com/isometric-nyc/
430•cannoneyed•5h ago•121 comments

Qwen3-TTS family is now open sourced: Voice design, clone, and generation

https://qwen.ai/blog?id=qwen3tts-0115
387•Palmik•8h ago•113 comments

Compiling Scheme to WebAssembly

https://eli.thegreenplace.net/2026/compiling-scheme-to-webassembly/
38•chmaynard•4d ago•7 comments

CSS Optical Illusions

https://alvaromontoro.com/blog/68091/css-optical-illusions
104•ulrischa•4h ago•10 comments

Brex is joining forces with Capital One

https://www.brex.com/journal/brex-and-capital-one-join-forces
7•ChrisArchitect•28m ago•1 comments

'Active' sitting is better for brain health: review of studies

https://www.sciencealert.com/not-all-sitting-is-equal-one-type-was-just-linked-to-better-brain-he...
39•mikhael•3h ago•14 comments

Recent discoveries on the acquisition of the highest levels of human performance

https://www.science.org/doi/abs/10.1126/science.adt7790
65•colincooke•4h ago•30 comments

Show HN: First Claude Code client for Ollama local models

https://github.com/21st-dev/1code
20•SerafimKorablev•4h ago•8 comments

Tree-sitter vs. Language Servers

https://lambdaland.org/posts/2026-01-21_tree-sitter_vs_lsp/
184•ashton314•7h ago•53 comments

My first year in sales as technical founder

https://www.fabiandietrich.com/blog/first-year-in-sales.html
20•f3b5•5d ago•3 comments

Viking Ship Museum in Denmark announces the discovery of the largest cog

https://www.medievalists.net/2025/12/medieval-ship-discovered-copenhagen/
4•PaulHoule•30m ago•1 comments

Why does SSH send 100 packets per keystroke?

https://eieio.games/blog/ssh-sends-100-packets-per-keystroke/
166•eieio•2h ago•117 comments

Launch HN: Constellation Space (YC W26) – AI for satellite mission assurance

28•kmajid•5h ago•6 comments

Your app subscription is now my weekend project

https://rselbach.com/your-sub-is-now-my-weekend-project
113•robteix•3d ago•106 comments

AnswerThis (YC F25) Is Hiring

https://www.ycombinator.com/companies/answerthis/jobs/r5VHmSC-ai-agent-orchestration
1•ayush4921•5h ago

Reverse engineering Lyft Bikes for fun (and profit?)

https://ilanbigio.com/blog/lyft-bikes.html
35•ibigio•5h ago•8 comments

Keeping 20k GPUs healthy

https://modal.com/blog/gpu-health
59•jxmorris12•4d ago•21 comments

Mote: An Interactive Ecosystem Simulation [video]

https://www.youtube.com/watch?v=Hju0H3NHxVI
45•evakhoury•23h ago•5 comments

The Education of the Broligarchy

https://colossus.com/article/education-broligarchy-silicon-valley-canon/
3•pseudolus•21m ago•0 comments

A Year of 3D Printing

https://brookehatton.com/blog/making/a-year-of-3d-printing/
63•nindalf•5d ago•66 comments

Design Thinking Books (2024)

https://www.designorate.com/design-thinking-books/
256•rrm1977•10h ago•118 comments

Vulnerable WhisperPair Devices – Hijack Bluetooth Accessories Using Fast Pair

https://whisperpair.eu/vulnerable-devices
17•gnabgib•4d ago•4 comments

Preserved Fish, Boss of New York City

https://signoregalilei.com/2025/12/21/preserved-fish-boss-of-new-york-city/
5•surprisetalk•3d ago•0 comments

I was banned from Claude for scaffolding a Claude.md file?

https://hugodaniel.com/posts/claude-code-banned-me/
241•hugodan•3h ago•191 comments

It looks like the status/need-triage label was removed

https://github.com/google-gemini/gemini-cli/issues/16728
257•nickswalker•6h ago•64 comments

Show HN: CLI for working with Apple Core ML models

https://github.com/schappim/coreml-cli
19•schappim•2h ago•0 comments

Show HN: Synesthesia, make noise music with a colorpicker

https://visualnoise.ca
23•tevans3•16h ago•8 comments

Show HN: Text-to-video model from scratch (2 brothers, 2 years, 2B params)

https://huggingface.co/collections/Linum-AI/linum-v2-2b-text-to-video
22•schopra909•5h ago•7 comments

Show HN: BrowserOS – "Claude Cowork" in the browser

https://github.com/browseros-ai/BrowserOS
33•felarof•5h ago•13 comments