Security news aggregator

Latest coverage for IoT

IoT systems connect sensors and control networks, so device identity, secure updates, data protection, and reliable operation support safety and availability.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Internet of Things (IoT) comprises physical devices—such as sensors, cameras, appliances, vehicles, medical equipment, and industrial controllers—that collect data, perform actions, and communicate with other devices or cloud services. Its distinctive assets include telemetry, control functions, device identities, and sometimes sensitive location, health, or operational data. Availability and integrity can be safety- or production-critical, while many devices have limited processing capacity, long service lives, and constrained maintenance access.

Security depends on the complete device lifecycle: maintain an accurate inventory, replace default credentials with unique authentication, verify firmware and provide signed, supportable updates, and restrict management interfaces through network segmentation. Exposed services, insecure update mechanisms, weak device-to-cloud APIs, physical access, and third-party components can enable unauthorized monitoring or control, compromise other systems, or conscript devices into attacks. Privacy protections should limit collection and access to telemetry, and monitoring should support detection and safe isolation without disrupting essential operations.

Volume over time

Weekly headline count for the current query.

Showing 2 most recent headlines Filtered view
Security Affairs 1 month, 1 week ago

IoT Botnet C0XMO Adds Competitor-Killing Capability

C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In March 2026, FortiGuard Labs discovered a new variant of the Gafgyt botnet, dubbed C0XMO, which is noticeably more capable than its predecessors. The malware spreads through CVE-2021-27137, a stack buffer overflow in […]