Researchers have exposed a potentially major security vulnerability with Meta's virtual reality headsets, according to a new study. The so-called 'inception attack' allows an attacker to spy on and control a user's VR environment. Only a third of study participants noticed the glitch when their session was hijacked.