Sammy Azdoufal just wanted to steer his DJI Romo with a gaming controller.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

A software engineer named Sammy Azdoufal accidentally discovered a major security flaw in DJI's Romo robot vacuum while building a custom controller app. Using an AI coding assistant to reverse-engineer the device's cloud communication, he found that his own authentication credentials granted him access to live camera feeds, microphone audio, floor maps, and location data from nearly 7,000 other DJI Romo vacuums across 24 countries. Rather than exploiting the vulnerability, he reported it to The Verge, which notified DJI. The company patched the issue in early February 2026. The incident highlights broader concerns about the security and privacy risks of internet-connected home robots, especially as more sophisticated humanoid devices enter the market.

Man accidentally gains control of 7,000 robot vacuums

Home owners are grappling with the privacy cost of smart homes