The Internet of Things (IoT) is transforming industries such as healthcare, smart cities, and industrial automation by enabling seamless device interconnectivity. However, its heterogeneous and resource-constrained nature introduces critical security challenges, including impersonation attacks, malicious node injection, denial-of-service attacks, and data breaches. Existing security mechanisms often fail to address these evolving threats due to IoT’s dynamic environment. This paper presents a systematic review of security vulnerabilities in the layered IoT architecture (perception, network, and application layers) and explores lightweight, scalable security solutions such as blockchain authentication, AI-driven anomaly detection, and quantum-resistant cryptography. Unlike prior studies that focus on isolated threats or generic security frameworks, this research provides a structured, layer-wise security assessment and proposes practical mitigation strategies tailored to real-world IoT applications. The findings emphasize the need for energy-efficient, adaptive security frameworks to ensure confidentiality, integrity, availability, and privacy. This study serves as a foundation for future research in autonomous and scalable IoT security mechanisms, bridging the gap between theoretical security models and practical implementation.