C0XMO: The Router Botnet That Doesn't Just Infect—It Eliminates the Competition

A newly discovered botnet called C0XMO is raising concerns across the cybersecurity community after researchers uncovered its ability to exploit vulnerable DD-WRT routers, spread across multiple device types, and aggressively remove competing malware from infected systems. Based on the well-known Gafgyt malware family, C0XMO targets a wide range of processor architectures, making it highly adaptable and capable of compromising routers, DVRs, Android-based devices, and other internet-connected equipment.

Wifi Auto Doesn't Mean Optimal - Things to look out for

1

Channel chaos: your AP is fighting neighbors it can't see

Auto channel selection sounds smart, but most vendors run a quick scan at boot time and picks a channel based on what's visible in that moment. It doesn't continuously adapt, and it can't account for non-Wi-Fi interference sources like baby monitors, microwaves, or Bluetooth clusters. In a dense apartment building or office, every AP is probably also running Auto — meaning everyone lands on the same "least busy" channel simultaneously. The result is coordinated co-channel interference that degrades throughput for everyone. A manually chosen, spectrum-

The Battle for Your Android: Why “Open” Still Matters

KeepAndroidOpen.org is a grassroots campaign focused on defending one of the core promises Android was built on: the ability for users to freely install and run the apps they choose. The site highlights proposed changes to Android’s developer verification system that could centralize control over app distribution under a single authority. According to the campaign, this shift risks turning an open ecosystem into a tightly controlled environment where even sideloaded or independently distributed apps would require prior approval. 

AVOID the malicious openew.app website

 

Based on current threat intelligence, I would treat openew.app as malicious and unsafe.

Several independent indicators point to it being a phishing/malware site:

• A recent security scan classified openew.app as a phishing site with a very low trust score and noted that 16 security engines flagged it. The domain was also only a few days old when analyzed, which is a common characteristic of malicious campaigns.
• Researchers at Malwarebytes reported that openew.app impersonates the official ChatGPT download page and delivers malware to both Windows and macOS users. According to their analysis, Windows users receive credential-stealing malware, while macOS users are served Atomic Stealer (AMOS), which targets passwords, browser data, and cryptocurrency wallets.
• Multiple malware sandbox analyses observed malicious behavior associated with downloads from the site and classified activity from the domain as malicious.

DHCP Detective: Looking for Sparks Before it Becomes a Fire

If there’s one thing every network admin learns the hard way, it’s that DHCP problems rarely announce themselves politely. One minute everything is fine, and the next users are wandering the office asking why Wi-Fi suddenly stopped working. That’s why proactive DHCP troubleshooting matters. Instead of waiting for a full-blown outage, keeping an eye on your DHCP logs can reveal warning signs long before devices start losing addresses and chaos begins. In this example, I will refer to  Ubiquiti EdgeRouters, since I'm working with them quite a bit lately. One of the best places to start is the trusty command sudo cat /var/log/dhcpmasq.log

FYI.  the same methodology and tips will apply to any DHCP server.