Google security patch release for CVE-2025-36911
Security Patch Release
Summary
Hide ▲
Show ▼
Google and accessory manufacturers released security patches for CVE-2025-36911 in Fast Pair-enabled Bluetooth accessories, addressing a flaw that could let attackers hijack devices, track users, and eavesdrop on conversations. The rollout happened during a 150-day disclosure window, and updates may still be missing for some vulnerable devices. Owners need to install manufacturer firmware updates because disabling Fast Pair on Android phones does not block the attack.
Related Happenings
Google rolls out Android Intrusion Logging in Android Advanced Protection Mode
Security Tool/Service
First: 14.05.2026 16:30
Last: 14.05.2026 16:30
Sources 1
About this happening:
Google has released **Android Intrusion Logging** for **Android Advanced Protection Mode**, giving **high-risk Android users** encrypted forensic logs to investigate suspected **s...
Google rolls out Android Intrusion Logging in Android Advanced Protection Mode
Security Tool/ServiceAbout this happening: Google has released **Android Intrusion Logging** for **Android Advanced Protection Mode**, giving **high-risk Android users** encrypted forensic logs to investigate suspected **s...
Android Intrusion Logging forensic logging rollout for spyware investigations
Security Tool/Service
First: 13.05.2026 09:55
Last: 13.05.2026 09:55
Sources 1
About this happening:
**Android** is adding **Intrusion Logging**, an opt-in forensic feature in **Advanced Protection Mode** that preserves device and network activity for suspected spyware compromise...
Android Intrusion Logging forensic logging rollout for spyware investigations
Security Tool/ServiceAbout this happening: **Android** is adding **Intrusion Logging**, an opt-in forensic feature in **Advanced Protection Mode** that preserves device and network activity for suspected spyware compromise...
Android 17 expands platform security and privacy protections
Security Tool/Service
First: 12.05.2026 20:00
Last: 12.05.2026 20:00
Sources 1
About this happening:
**Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
Android 17 expands platform security and privacy protections
Security Tool/ServiceAbout this happening: **Android 17** will add a broad set of **Google**-backed security and privacy controls next month, reducing exposure to **banking scam calls**, **device theft**, and **OTP theft**...
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/Service
First: 12.05.2026 08:18
Last: 12.05.2026 08:18
Sources 1
About this happening:
Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
IOS 26.5 beta rolls out default end-to-end encrypted RCS messaging on iPhone and Android
Security Tool/ServiceAbout this happening: Apple's **iOS 26.5** beta adds **default end-to-end encrypted RCS** messaging for **iPhone** and **Android** users, strengthening privacy in cross-platform chats. The rollout cove...
Ivanti EPMM patch release for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821
Security Patch Release
First: 07.05.2026 18:20
Last: 07.05.2026 18:20
Sources 1
About this happening:
Ivanti released a security update for on-prem Endpoint Manager Mobile (EPMM) covering CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821. The patch addresses high-seve...
Ivanti EPMM patch release for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821
Security Patch ReleaseAbout this happening: Ivanti released a security update for on-prem Endpoint Manager Mobile (EPMM) covering CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821. The patch addresses high-seve...
Latest development: 07.05.2026 20:55
Ivanti released fixes for CVE-2026-5786, CVE-2026-5787, CVE-2026-5788, and CVE-2026-7821 in Endpoint Manager Mobile (EPMM). The updates apply only to on-prem EPMM before versions 12.6.1.1, 12.7.0.1, and 12.8.0.1, and Ivanti said the issues are not present in Ivanti Neurons for MDM, Ivanti EPM, Ivanti Sentry, or other Ivanti products.
Timeline
-
15.01.2026 18:13 2 articles · 4mo ago
Google and manufacturers release security patches for WhisperPair
Mitigation Patch UpdateGoogle and accessory manufacturers released security patches for CVE-2025-36911 (WhisperPair), a critical Google Fast Pair flaw affecting wireless headphones, earbuds, and speakers from multiple vendors; the fixes were coordinated during a 150-day disclosure window, and affected-device owners need manufacturer firmware updates because disabling Fast Pair on Android phones does not stop the attack.
Show sources
- Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices — www.bleepingcomputer.com — 15.01.2026 18:13
- Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices — www.bleepingcomputer.com — 15.01.2026 18:13