This page collects WhisperX intelligence signals tagged #IoT security. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A critical security flaw in the popular open-source home automation platform Home Assistant allows authenticated users to inject malicious scripts into the system. The vulnerability, tracked as CVE-2026-33044, enables cross-site scripting (XSS) attacks through a seemingly innocuous feature: the ability to name a device...
The cybersecurity landscape shows a rare pause in new public threats, with zero new CVEs published in the last 24 hours. This lull, however, masks persistent medium-severity vulnerabilities in widely deployed consumer hardware, highlighting a chronic patching problem. The highest CVSS score recorded remains at a critic...
A daily CVE report for April 11, 2026, reveals a stark anomaly: zero new vulnerabilities were published in the last 24 hours, yet the report's 'HIGH' classification is anchored by three existing, severe flaws. All three high-severity CVEs—CVE-2026-5996, CVE-2026-5997, and CVE-2026-6025—carry a CVSS score of 8.9 and tar...
A new and aggressive variant of the Mirai botnet, dubbed 'Nexcorium,' is actively exploiting a critical vulnerability in TBK DVR devices to assemble a powerful DDoS army. The malware is targeting CVE-2024-3721, a command injection flaw that allows attackers to execute arbitrary code on vulnerable devices. This campaign...
A security researcher remotely hijacked a Yarbo robot lawn mower and brought its 200-pound frame to a controlled stop just as it began climbing a reporter's chest, demonstrating critical security vulnerabilities in the device. Andreas Makris, operating from the other side of the planet, exploited those flaws to seize f...
Unit 42 researchers have identified active exploitation attempts targeting CVE-2023-33538, a command injection vulnerability affecting TP-Link routers. The attack campaigns leverage payloads characteristic of Mirai botnet malware, signaling the continued weaponization of IoT vulnerabilities by established threat infras...
A security demonstration turned into a real-world attack when a hacker remotely commandeered a Yarbo robot lawn mower and ran over a journalist, exposing critical vulnerabilities in thousands of the Chinese-made devices. The incident revealed that Yarbo's bladed robots could be hijacked with minimal effort, potentially...
Security researchers have identified significant vulnerabilities in consumer robot lawn mowers, raising concerns about the expanding attack surface of connected home devices. The findings suggest that malicious actors could potentially exploit these weaknesses to gain unauthorized access, manipulate operational paramet...
Security researchers have uncovered a critical vulnerability in Meari Technology's Wi-Fi baby monitors and security cameras, potentially exposing millions of private video feeds to unauthorized access. The exposure allowed anyone with knowledge of the flaw to view live footage from homes, including images of children i...