Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsStudyTraining
ProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Study
Training
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1310+ Articles
157+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
18 articles

#IoT

All CosmicBytez Labs articles tagged #IoT, across news, security advisories, how-to guides, and projects.

  • SecurityApr 29, 2026

    Snap One WattBox 800/820 Diagnostic Auth Bypass

    A CVSS 9.8 critical vulnerability in Snap One WattBox 800 and 820 series firmware exposes undisclosed diagnostic HTTP endpoints protected only by the...

  • SecurityApr 28, 2026

    CVE-2026-7154: Totolink A8000RU OS Command Injection via

    A critical unauthenticated OS command injection vulnerability in the Totolink A8000RU router firmware 7.1cu.643_b20200521 allows remote attackers to...

  • SecurityApr 27, 2026

    CVE-2026-7037: Unauthenticated OS Command Injection in

    A critical CVSS 9.8 OS command injection vulnerability in the Totolink A8000RU router allows unauthenticated remote attackers to execute arbitrary...

  • SecurityApr 25, 2026

    CVE-2026-21515: Azure IoT Central Elevation of Privilege

    A critical CVSS 9.9 elevation of privilege vulnerability in Azure IoT Central allows an authenticated attacker to escalate privileges over a network by...

  • SecurityApr 12, 2026

    CVE-2026-6112: Totolink A7100RU OS Command Injection via

    A critical OS command injection vulnerability (CVSS 9.8) in Totolink A7100RU firmware allows unauthenticated remote attackers to execute arbitrary...

  • SecurityApr 12, 2026

    CVE-2026-6113: Totolink A7100RU OS Command Injection via

    A critical OS command injection flaw (CVSS 9.8) in Totolink A7100RU enables remote unauthenticated attackers to execute arbitrary commands by manipulating...

  • SecurityApr 12, 2026

    CVE-2026-6114: Totolink A7100RU OS Command Injection via

    CVE-2026-6114 is a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router's setNetworkCfg function, exploitable remotely...

  • SecurityApr 12, 2026

    CVE-2026-6115: Totolink A7100RU OS Command Injection via

    CVE-2026-6115 describes a critical OS command injection vulnerability (CVSS 9.8) in the Totolink A7100RU router, exploitable remotely and without...

  • SecurityApr 11, 2026

    CVE-2026-4149: Sonos Era 300 Unauthenticated RCE via SMB

    A CVSS 10 critical vulnerability in the Sonos Era 300 smart speaker allows unauthenticated remote attackers to execute arbitrary code by exploiting an...

  • SecurityApr 10, 2026

    CVE-2026-5977: TOTOLINK A7100RU Critical OS Command

    A critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary system...

  • SecurityApr 10, 2026

    CVE-2026-5978: TOTOLINK A7100RU Critical OS Command

    A second critical OS command injection vulnerability (CVSS 9.8) in TOTOLINK A7100RU routers allows unauthenticated remote attackers to execute arbitrary...

  • NewsApr 5, 2026

    Feds Disrupt IoT Botnets Behind Huge DDoS Attacks

    A joint operation by the US Department of Justice, Canada, and Germany has dismantled the infrastructure behind four highly disruptive IoT botnets that...

  • NewsMar 23, 2026

    Weekly Recap: CI/CD Backdoor, FBI Buys Location Data

    This week's cybersecurity roundup covers supply chain attacks hitting CI/CD pipelines, long-running IoT botnets finally disrupted, the FBI's warrantless...

  • SecurityMar 23, 2026

    Tenda A15 UploadCfg Stack Buffer Overflow (CVE-2026-4567)

    A CVSS 9.8 Critical stack-based buffer overflow in Tenda A15 firmware 15.13.07.13 allows unauthenticated remote attackers to execute arbitrary code by...

  • SecurityMar 22, 2026

    D-Link DHP-1320 SOAP Handler Stack Buffer Overflow

    A CVSS 8.8 stack-based buffer overflow in D-Link DHP-1320 firmware 1.00WWB04 allows unauthenticated remote attackers to execute arbitrary code via a...

  • NewsMar 20, 2026

    DoJ Disrupts 3 Million-Device IoT Botnets Behind Record

    The U.S. Department of Justice, in coordination with Germany and Canada, has dismantled the C2 infrastructure of four major IoT botnets — AISURU, Kimwolf,...

  • NewsFeb 9, 2026

    Massive Kimwolf Botnet Disrupts I2P Anonymous Network

    IoT botnet Kimwolf launches sustained attack against The Invisible Internet Project (I2P), disrupting the encrypted, decentralized communications network...

  • SecurityJan 18, 2026

    Critical D-Link Router RCE Under Active Exploitation - No

    CVE-2026-0625 allows unauthenticated remote code execution on legacy D-Link DSL routers. Devices are end-of-life with no patches forthcoming. Immediate...