Spiral Toys has filed a breach notification with the California Attorney General’s office informing them of the CloudPets data breach.

Voice messages from children sent through an internet-connected toy called CloudPets were stolen from an exposed MongoDB database, which has been wiped clean and the data held for ransom.

Samsung Smartcam devices are vulnerable to remote takeover via a malicious firmware update, researchers with the former GTVHacker group said.

St. Jude Medical patched the Merlin@home Transmitter, addressing flaws made public last year in a controversial disclosure by MedSec Holdings and Muddy Waters.

The FTC announced the IoT Home Inspector Challenge, a contest with the goal of coming up with a patching solution fit for consumer-grade connected devices used in the home.

Netgear has built beta firmware updates for its Nighthawk routers vulnerable to a command injection attack disclosed last week.

Netgear has confirmed a critical vulnerability in its Nighthawk routers that expose devices to command injection attacks. A public exploit is available.

A D.C. think tank recommends regulations that mandate IoT security by design before attacks infiltrate critical infrastructure, financial and health care organizations.

The security community often thrives on controversy, but when it comes to vulnerability disclosures in life-saving medical devices, ego and attention-grabbing must be put aside.

Technologists, including Bruce Schneier, testifying before a House committee today on IoT security said that regulation could be the only answer to solving existing vulnerabilities.