On May 11, 2026, The Verge and PetaPixel reported that researcher Sammy Azdoufal had remotely accessed roughly 1.1 million network-connected baby monitors and security cameras made by Chinese white-label vendor Meari Technology — across 118 countries, by extracting a single key from the company's Android app. "Just by inspecting the Android app, Azdoufal says he was able to extract a single key that gave him access to devices across 118 countries." — The Verge via PetaPixel Photos from those cameras were stored on Chinese Alibaba servers with public web addresses and no protection. The same backend infrastructure is reportedly used by 378 different brands sold under different names on Amazon and at retailers like Leroy Merlin. The primary hole has been patched. The architectural mistake that produced it has not. I build an Android app called Background Camera RemoteStream ( superfunicular.com ). It is a structural alternative to the cloud-camera model that just failed for the millionth time.…