Security researcher Andreas Makris remotely compromised a Yarbo robot lawn mower to expose critical vulnerabilities in the device's safety systems.
Makris demonstrated the exploit by taking control of the 200-pound autonomous mower from across the planet, commanding it to move toward a person lying in its path. The hack revealed that the device lacks adequate safeguards to prevent remote manipulation, even by operators with no physical access to emergency controls.
The attack exposes a significant gap in IoT device security. Robot lawn mowers increasingly connect to cloud services and mobile apps, but manufacturers often prioritize convenience over safety isolation. Yarbo's system allowed unauthenticated remote access without requiring verification of operator location or intent.
The vulnerability could allow attackers to disable safety features, override emergency stops, or activate cutting mechanisms unexpectedly. This proof-of-concept raises questions about security standards across the consumer robotics industry.
Makris' demonstration underscores growing risks in connected home devices. As more autonomous equipment enters households, manufacturers must implement cryptographic authentication, geofencing, and hardwired safety overrides that cannot be disabled remotely.
Leaked data reveals the AI music generator sourced training material from YouTube Music, Deezer, and Genius without public disclosure. The discovery raises questions about the company's data acquisition practices.
The FBI has taken control of websites operated by Alarum Technologies Ltd., marking a significant enforcement action against the proxy network industry. The move signals increased federal scrutiny of services that mask user identities online.
Meta has issued conflicting statements about NameTag, a face recognition system reported by WIRED. Company executives have offered unclear remarks on whether the technology actually exists.
Zoom has disclosed a critical vulnerability affecting its Windows desktop client and SDK that allows unauthenticated attackers to hijack user accounts. The company has released patches to address the security issue.