#iot
11 articles
Telecommunications, consumer electronics, and individual users were the primary targets in 14 articles covering IoT threats from April 15 to May 17, 2026. The Mirai threat actor was observed in these incidents, which spanned regions including Canada, Germany, and the United States. Key vulnerabilities exploited were CVE-2025-29635, CVE-2026-22898, CVE-2026-4682, each with a CVSS score of 8.8, alongside CVE-2026-33357 and CVE-2026-5057, both rated 7.5. The coverage included nine high-severity, three medium, and two critical reports.
HIGHEMQX QoS 2 Race Condition CVE-2026-8741 Affects Up to 6.2.0
CVE-2026-8741 (CVSS 3.1) enables remote exploitation of a race condition in EMQX's QoS 2 PUBLISH packet handler, affecting all versions up to 6.2.0.
HIGHMeari SDK Flaw CVE-2026-33357 Leaks WAN IP of IoT Cameras
CVE-2026-33357 (CVSS 7.5) in Meari SDK lets attackers retrieve WAN IPs for any device via CloudEdge, Arenti, and white-label apps — no authentication required.
HIGHTenda AC6 Command Injection Flaw CVE-2026-8263 Lets Attackers Execute
CVE-2026-8263 (CVSS 5.8) in Tenda AC6 firmware 15.03.06.49multiTDE01 allows unauthenticated remote OS command injection via the /goform/WifiExtraSet endpoint.
HIGHTenda AC6 Router Flaws Enable Remote Command Injection
Two command injection vulnerabilities in Tenda AC6 firmware 15.03.06.23 let remote attackers execute arbitrary OS commands via the getLogFile and formWifiApScan functions.
HIGHFeds Disrupt IoT Botnets Behind Record DDoS Attacks
US DOJ, Canada, and Germany dismantled four IoT botnets — Aisuru, Kimwolf, JackSkid, Mossad — compromising 3M+ devices, enabling record-breaking DDoS attacks.
HIGHMirai Botnet Exploits D-Link Router Flaw CVE-2025-29635
Mirai botnet operators exploit CVE-2025-29635, a CVSS 8.8 command injection flaw in end-of-life D-Link DIR-823X routers, to deploy malware and launch DDoS attacks.
HIGHATEN Unizon RPC Service Vulnerable to Unauthenticated Denial-of-Service
CVE-2026-5057, with a CVSS score of 7.5, exposes ATEN Unizon to unauthenticated denial-of-service attacks via its RPC service, allowing remote attackers to crash the device management platform.
HIGHHP DeskJet 2855e Printer Vulnerable to Remote Code Execution
A stack-based buffer overflow vulnerability (CVE-2026-4682) in the HP DeskJet 2855e printer allows network-adjacent attackers to execute arbitrary code without authentication, earning a CVSS score of 8.8.
MEDIUMMirai Variant Nexcorium Exploits DVR Flaw to Build DDoS Botnet
A new Mirai botnet variant, 'Nexcorium,' is exploiting a command injection flaw (CVE-2024-3721) in TBK DVRs and end-of-life TP-Link routers to conscript devices into a distributed denial-of-service (DDoS) swarm.
CRITICALQNAP TS-453E QVRPro Exposed Method Enables Remote Code Execution
A critical vulnerability (CVE-2026-22898) in QNAP TS-453E QVRPro allows network-adjacent attackers to execute arbitrary code without authentication, receiving a CVSS score of 8.8 from the Zero Day Initiative.
CRITICALTP-Link Router Flaw Exploited by Mirai Botnet Variant
Attackers are exploiting CVE-2023-33538, a command injection flaw in TP-Link Archer AX21 routers, to deploy a Mirai botnet variant. The campaign hijacks devices for DDoS attacks and credential theft.
Stay Updated
Get the latest cybersecurity news delivered to your inbox.