Security firm Check Point developed a one-click attack against Amazons voice-controlled assistant Alexa. The attack requires a user to click on a malicious link, which is a barrier albeit often a low one to a successful attack. Amazon says it fixed the issue soon after it was brought to our attention, and we continue to strengthen our systems. The security firm discovered that Amazon had made errors setting the Cross-Origin Resource Sharing policy, which determines what resources web applications can access at other ports.”]
Source: https://www.devicesecurity.io/one-malicious-link-unlocks-alexas-voice-history-a-14835