Researchers at the security firm CheckMarx discovered a security flaw in Amazon’s Alexa voice enabled digital personal assistant that could have been used to eavesdrop and transcribe any ambient conversation.
But, there are caveats: The flaw requires a user to not only install, but also run a malicious app on Alexa, and not notice Alexa’s trademark blue light never turns off. Amazon has now released a patch, meaning it is not an issue for up-to-date Alexa systems.