The issue was first pinpointed by researchers at Trend Micro and reported on by Wired. Certain Bose and Sonos speakers can be found online via a simple scan. While only a fraction of speakers are vulnerable, hackers can access connected services such as Spotify and Pandora through the speaker, as well as trigger nearby smart speakers such as the Amazon Echo and Google Home.
Sonos clarified in an email to Wired that speakers vulnerable to this kind of hijacking are actually on misconfigured networks. Still, the company pushed out a software update that limits the amount of data a user can access in this kind of hack. Bose, however, appears to have taken no action to address the issue.
Again, this affects a very small subset of users, but it's something to think about if you've opened ports on your network for gaming or some other purpose. These speakers assume that the network they have access to is a trusted one. While use of this exploit might be limited to practical jokes, it's smart to limit access before people find a way to use this for more nefarious purposes.