The Internet of Things (IoT) is rapidly expanding, connecting everyday objects to the internet. This interconnectedness brings numerous benefits but also introduces significant security risks. This research paper explores the vulnerabilities of IoT devices and examines a real-world case study of a university network compromised by a botnet attack targeting IoT devices. The paper analyzes the attack methods, identifies the security breaches, and proposes mitigation strategies to prevent similar incidents in the future. The study highlights the importance of robust security measures, including physical security, encryption, and regular firmware updates, to protect IoT systems from malicious actors.