Breaking 19:15 Trump announces renewed maritime blockade against Iran amid Strait of Hormuz tensions 19:00 NASA seeks four volunteers for year-long Mars mission simulation 17:30 States challenge Paramount’s $110 billion Warner Bros. Discovery takeover in major antitrust lawsuit 17:15 Bosch launches sample production at first U.S. semiconductor plant to strengthen domestic chip supply 14:30 Williams secures $5.3 billion investment from Blackstone-led consortium for power projects 13:45 Iraqi Prime Minister Ali al-Zaidi seeks major US energy investment during Washington visit 12:31 Jay-Z concert delayed in New York after ticketless fans disrupt Yankee Stadium event 12:00 Wall Street banks accelerate AI assistant adoption in race for productivity gains 11:47 US Military Reveals First Combat Use of New Unmanned Weapons in Strikes on Iran 11:30 US Ebola patient infected in Congo transferred to specialized hospital in Germany 10:56 Morrisons explores £600 million property deal with US investor Realty Income, Sky News reports 10:41 US dollar gains as Middle East tensions fuel inflation concerns 09:00 UN chief urges US and Iran to end renewed hostilities and resume diplomacy 08:35 U.S. military says Strait of Hormuz remains open despite rising tensions with Iran 08:30 France’s World Cup journey links Boston and Dallas, two cities tied to John F. Kennedy’s legacy 08:18 Support grows in U.S. Congress for bill seeking terrorist designation of Polisario Front 07:31 Stellantis reports 10% rise in second-quarter vehicle shipments driven by North American demand

DJI Romo vacuum hack reveals global security risks

Monday 09 March 2026 - 11:50
By: Dakir Madiha
DJI Romo vacuum hack reveals global security risks

Spanish software engineer Sammy Azdoufal modified his DJI Romo robot vacuum to respond to a PlayStation 5 controller. He used AI tool Claude to reverse-engineer the DJI app's MQTT communication protocol with company servers. A backend authentication flaw let his device token access roughly 7000 vacuums and power stations across more than 20 countries.​

Azdoufal viewed live camera streams, microphone audio, 3D floor plans, precise locations, battery levels, cleaning progress, and obstacle reports from strangers' homes. A Verge journalist shared a test vacuum's serial number; Azdoufal pulled its real-time data within minutes, including room scans. In one demo, about 6700 devices reported current rooms, cleaning operations, hurdles faced, and charging spots.

Azdoufal alerted DJI, which patched the main vulnerability by February 24, 2026, blocking cross-device access. The company revoked his token, including for his own unit, and pulled the Romo model from its store two days later. Some issues persist, like PIN overrides for camera views.​

The flaw used weak device-agnostic authentication in MQTT messaging. No misuse occurred, but experts warn connected home gadgets with cameras and mics pose privacy threats. Prior incidents include 2024 Ecovacs Deebot hacks in U.S. cities, where intruders remotely drove vacuums and played slurs.​


  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.