Bluetooth in Apple OS X before 10.10 does not require encryption for HID Low Energy devices, which allows remote attackers to spoof a device by leveraging previous pairing.
http://archives.neohapsis.com/archives/bugtraq/2014-10/0101.html
http://secunia.com/advisories/61825
http://secunia.com/advisories/61827
https://exchange.xforce.ibmcloud.com/vulnerabilities/97641
https://support.apple.com/kb/HT6535
https://support.apple.com/kb/HT6541