Two concurrent botnets are actively targeting ASUS routers and unspecified SOHO router devices for DDoS infrastructure expansion and proxy operations. Vendor-specific CVEs are pending disclosure; exploitation techniques are consistent with authentication bypass (CWE-287) and privilege escalation (CWE-269). Organizations should apply available ASUS firmware updates immediately, disable unused remote management interfaces, rotate administrative credentials, and segment these devices from internal networks. Note: No specific CVE identifiers are confirmed for the SOHO-targeting botnet at this time.