The Peloton Bike+ and Peloton Tread exercise equipment contain a security vulnerability that could expose gym users to a wide variety of cyberattacks. An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet. The hack works like this: An attacker would simply insert a tiny USB key with a boot image file containing malicious code that grants them remote root access. Gym owners should of course initiate updates as soon as possible, but home users should nonetheless update too.
Source: https://threatpost.com/peloton-bike-bug-hackers-control/166960/