Skip to main content
COSMICBYTEZLABS
NewsSecurityHOWTOsToolsTraining
StudyProjectsNewsletterHire MeAbout
Subscribe

Press Enter to search or Esc to close

News
Security
HOWTOs
Tools
Training
Study
Projects
Newsletter
Hire Me
About
RSS Feed
Reading List
Subscribe

Stay in the Loop

Get the latest security alerts, tutorials, and tech insights delivered to your inbox.

Subscribe NowFree forever. No spam.
COSMICBYTEZLABS

Your trusted source for IT intelligence, cybersecurity insights, and hands-on technical guides.

1941+ Articles
150+ Guides

CONTENT

  • Latest News
  • Security Alerts
  • HOWTOs
  • Checklists
  • Projects
  • Exam Prep

RESOURCES

  • Search
  • Browse Tags
  • Newsletter Archive
  • Reading List
  • RSS Feed

COMPANY

  • About Us
  • Contact
  • Privacy Policy
  • Terms of Service

© 2026 CosmicBytez Labs. All rights reserved.

System Status: Operational
All tags
14 articles

#IoT Security

All CosmicBytez Labs articles tagged #IoT Security, across news, security advisories, how-to guides, and projects.

  • SecurityJul 7, 2026

    CVE-2026-24013: Apache IoTDB Authentication Bypass via Forged Session ID

    A critical authentication bypass in Apache IoTDB allows unauthenticated attackers to forge Thrift RPC session IDs and receive valid time-series query...

  • SecurityJul 7, 2026

    CVE-2026-24014: Apache IoTDB DataNode Path Traversal via Trigger JAR Upload

    A critical path traversal vulnerability in Apache IoTDB's DataNode RPC interface allows unauthenticated attackers to write arbitrary files outside the...

  • SecurityJun 26, 2026

    GeoVision LPC Camera Critical RCE via thttpd Buffer Overflow (CVE-2026-57878)

    A critical unauthenticated stack-based buffer overflow in thttpd on GeoVision GV-LPC2011 and GV-LPC2211 cameras allows remote attackers to execute...

  • SecurityJun 26, 2026

    GeoVision LPC Camera Critical RCE via ssvr RTSP Auth Buffer Overflow (CVE-2026-57879)

    A critical unauthenticated stack-based buffer overflow in the ssvr RTSP service of GeoVision GV-LPC2011 and GV-LPC2211 cameras allows remote attackers to...

  • SecurityJun 26, 2026

    GeoVision LPC Camera Critical RCE via ssvr RTSP Digest Auth Buffer Overflow (CVE-2026-57880)

    A critical unauthenticated stack-based buffer overflow in GeoVision GV-LPC2011 and GV-LPC2211 cameras allows remote code execution by exploiting...

  • SecurityJun 26, 2026

    GeoVision LPC Camera Critical RCE via vlsvr Remote Login Buffer Overflow (CVE-2026-57881)

    A critical unauthenticated stack-based buffer overflow in the vlsvr daemon of GeoVision GV-LPC2011 and GV-LPC2211 cameras allows remote code execution...

  • NewsMay 22, 2026

    Alleged Kimwolf Botmaster ''Dort'' Arrested, Charged in U.S. and Canada

    Canadian authorities arrested a 23-year-old Ottawa man suspected of building and operating Kimwolf, an IoT botnet that enslaved millions of devices for...

  • NewsMay 22, 2026

    US and Canada Arrest and Charge Suspected Kimwolf Botnet

    U.S. and Canadian authorities arrested and charged a Canadian man with operating the Kimwolf DDoS botnet, which infected nearly two million devices...

  • NewsMay 1, 2026

    EnOcean SmartServer Flaws Expose Buildings to Remote Hacking

    Claroty researchers have disclosed two vulnerabilities in the EnOcean SmartServer IQ building management controller that can be chained for security...

  • SecurityApr 28, 2026

    CVE-2026-7136: Totolink A8000RU OS Command Injection via setDmzCfg

    A critical OS command injection vulnerability in the Totolink A8000RU router allows remote attackers to execute arbitrary commands by manipulating the...

  • NewsApr 18, 2026

    Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack

    Threat actors are deploying the Nexcorium Mirai botnet variant by exploiting CVE-2024-3721 in TBK DVR devices and targeting end-of-life TP-Link Wi-Fi...

  • NewsApr 9, 2026

    ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache

    This week's ThreatsDay Bulletin from The Hacker News covers 20 active threats including a hybrid P2P DDoS botnet, a 13-year-old Apache ActiveMQ RCE flaw...

  • SecurityApr 4, 2026

    CVE-2026-28766: Gardyn Smart Garden API Exposes All User

    A critical unauthenticated information disclosure vulnerability in the Gardyn smart garden platform exposes all registered user account information via a...

  • SecurityFeb 18, 2026

    Critical Grandstream VoIP Vulnerability Allows

    A critical CVSS 9.3 stack-based buffer overflow in Grandstream GXP1600 series VoIP phones allows unauthenticated remote code execution, enabling attackers...