Attempt BLE spoof with known MAC/BLE ID
Replay attack using captured WebSocket payload
Inject malformed JSONĀ
BLE MITM injection during pairing
Token theft via browser injection
Brute-force token attempts with known device IDs
Brute force pairing PINs
Remote control without partner consent
Try connecting device to two users at once
BLE packet sniffing and replay
Token theft via XSS or data compromise
WebSocket impersonation
MITM against Events API
OOB pairing bypass attempt via packet replay
Token re-use across devices