The advent of (Internet of Things) IoT technologies has essentially transformed traditional houses into intelligent, equipped, and networked smart houses that serve to improve the quality in the lives of human beings with respect to security, energy efficiency, and comfort through massive automation, sensing, and remote control. However, with such a shift of paradigm, due to the diversity of devices, the limitation of resources, problems of interoperability, and a growing array of cyberthreats, opens up numerous avenues for security and privacy threats. This review attempts a holistic coverage of IoT-based smart home technologies and then provides a systematic classification of the security vulnerabilities from device, network, cloud, and application layers. The key threats include unauthorized access, data leakage, propagation of malware, denial of service, and exploits targeted against AI, with an analysis of their causes and occurrences in the real world. The paper undertakes a critical assessment of contemporary countermeasures, ranging from lightweight cryptographic protocols, AI-driven intrusion detection systems, blockchain-based authentication, privacy-preserving edge computing, and zero-trust frameworks. A comparative insight into each approach conversed with the views of the established literature draws out trade-offs between security efficacy, scalability, computational overheads, and user adoption. Based on a synthesis of the modern findings, continued gaps are identified, and future directions provided: including quantum-resistant encryption, interoperable standards, and user-centric security design, acting as the working platform or actionable directions for any researchers, developers, or policymakers in building of secure, resilient, and privacy preserving smart home ecosystem.