VoidLink Linux Rootkit Analysis

~Elastic~
VoidLink is a sophisticated, AI-generated Linux rootkit using a hybrid LKM and eBPF architecture for advanced evasion and ICMP-based C2.
-
IOCs: 8. 149. 128. 10, 116. 62. 172. 147
-
#Linux #Rootkit #ThreatIntel #VoidLink

Attackers focus on machine identities: VoidLink, LangFlow and ShadowRay leverage stolen keys and unmanaged AI agents. SPIFFE/SPIRE help with short-lived workload credentials, but AI agents often still use static API keys. #machineidentity #SPIFFE #VoidLink https://bit.ly/47XTOBj

🛡️ Unit42 de Palo Alto ha publicado IOCs de #VoidLink, un framework de malware cloud-native con un directorio C2 abierto y solapamientos con el clúster CL-STA-1015.

#KQL lista para usar en Microsoft Defender:

Query completa en el link ▶️ github.com/alex-milla/K...

Alert: Cyber threat actor UAT-9921 deploys advanced VoidLink malware targeting tech and financial sectors. Organizations must bolster defenses against this sophisticated threat. #CyberSecurity #VoidLink #UAT9921 Link: thedailytechfeed.com/uat-9921-gro...

Introducing VoidLink: A modular intrusion framework enabling rapid deployment of tailored tools with Windows plugin support. Stay vigilant! #CyberSecurity #VoidLink #ThreatIntelligence Link: thedailytechfeed.com/voidlink-fra...

Introducing VoidLink: AI-generated Linux malware with multi-cloud targeting and kernel-level stealth. A new era of cyber threats demands advanced defenses. #CyberSecurity #AIThreats #VoidLink Link: thedailytechfeed.com/ai-generated...

Sysdig entdeckt C2-kompilierte Kernel-Rootkits und neue Tarnmechanismen im Linux-Malware-Framework Voidlink

#CloudSicherheit #Cybersecurity #Cybersicherheit #Linux #Malware #Rootkit @Sysdig #Voidlink

netzpalaver.de/2026/...

Check Point Research Unveils New Cloud-Native Linux Malware Framework VoidLink Check Point Research uncovers VoidLink, a new cloud-native malware framework targeting Linux infrastructures, marking a shift in cyber threats.

Check Point Research Unveils New Cloud-Native Linux Malware Framework VoidLink #None #Malware #Check_Point #VoidLink

クラウドネイティブなマルウェア「VoidLink」が表すAI活用の新たな脅威 「VoidLink」はLinuxを狙う新型マルウェアフレームワークで、AIを活用した高度な攻撃手法を示しています。セキュリティ対策は急務です。

クラウドネイティブなマルウェア「VoidLink」が表すAI活用の新たな脅威 #AI #クラウド #VoidLink

「VoidLink」はLinuxを狙う新型マルウェアフレームワークで、AIを活用した高度な攻撃手法を示しています。セキュリティ対策は急務です。

VoidLink : Comprendre le mécanisme de redirection malveillante et ses impacts sur la cybersécurité

Les liens ne sont plus ce qu’ils semblent… VoidLink est un mécanisme de redirection malveillante qui défie les filtres et sandbox. Comprendre pour mieux se protéger. 🔐
#VoidLink #CyberSécurité #Phishing #Malware #Infosec #SécuritéDigitale

VoidLink: Check Point finds first advanced AI-generated malware using Spec Driven Development; includes eBPF, LKM rootkits and cloud/container modules. Dev artifacts and OPSEC leaks show AI-driven build to first implant in <1 week. #VoidLink #AI #eBPF https://bit.ly/4qH4ax4

VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

📢 ⚠️ ☁️ VoidLink malware is now targeting cloud systems with custom-built attacks, adapting to evade detection and abuse cloud environments like AWS and Azure, according to researchers.

Read: hackread.com/voidlink-mal...

#CyberSecurity #Malware #CloudSecurity #Linux #Infosec #VoidLink

VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks Sysdig TRT analysis reveals VoidLink as a revolutionary Linux threat. Using Serverside Rootkit Compilation and Zig code, it targets AWS and Azure with adaptive stealth.

Linuxベースのクラウド狙うマルウェア「VoidLink」、AIがほぼすべてを生成 | Codebook｜Security News Check Point Researchが公開したレポートでは、12月に発見されたマルウェア「VoidLink」のほぼすべてが中国系開発環境のAIによって生成された、未完成のフレームワークと推測されている。

#Linux ベースの #クラウド 狙う #マルウェア ｢ #VoidLink ｣､ #AI がほぼすべてを生成 | Codebook - マキナレコード

VoidLinkはLinuxベースのクラウド環境でAWS、Google Cloud Platform、Microsoft Azure、Alibaba、Tencentを自動的にスキャンして検出。モジュラープラグイン37件 ...
codebook.machinarecord.com/threatreport...

VoidLink malware redefines Linux rootkit strategies with server-side kernel compilation and AI-assisted code, posing new challenges for cloud security. #CyberSecurity #Linux #Malware #VoidLink Link: thedailytechfeed.com/voidlink-mal...

As VoidLink proves, malware is becoming AI-driven The discovery of VoidLink, the new Linux malware framework that Techzine wrote about earlier, marks an important turning point in the world of

As VoidLink proves, malware is becoming AI-driven The discovery of VoidLink, the new Linux malware framework that Techzine wrote about earlier, marks an important turning point in the world of cybe...

#Security #Linux #malware #VoidLink

Origin | Interest | Match

VoidLink cloud malware shows clear signs of being AI-generated The recently discovered cloud-focused VoidLink malware framework is believed to have been developed by a single person with the help of an artificial intelligence model.

#VoidLink cloud #malware shows clear signs of being #AI-generated

www.bleepingcomputer.com/news/security/voidlink-c...

#cybersecurity #FOSS #Linux

How AI built VoidLink malware in just seven days Check Point Research disclosed on details regarding VoidLink, which it identified as the first documented advanced malware framework predominantly authored by artificial intelligence (AI), signaling a new era of AI-generated malware. Previously, evidence of AI-generated malware largely indicated use by inexperienced threat actors or mirrored existing open-source tools. VoidLink, however, demonstrates AI’s potential in the […]

VoidLink: The First Advanced AI-Generated Malware

~Checkpoint~
VoidLink is the first documented case of an advanced, complex malware framework developed almost entirely by AI.
-
IOCs: (None identified)
-
#AI #Malware #ThreatIntel #VoidLink

VoidLink: il framework che mostra come l’IA stia cambiando il cybercrime

📌 Link all'articolo : www.redhotcyber.com/post/voi...

#redhotcyber #news #voidlink #intelligenzaartificiale #malware #cybersecurity #hacking #framework

VoidLink Linux Malware Targets Cloud Systems
Read More: buff.ly/4few38e

#VoidLink #LinuxMalware #CloudSecurity #KubernetesSecurity #ContainerSecurity #CloudNativeSecurity #SupplyChainSecurity #DevSecOps #ThreatIntel #CheckpointResearch

Scoperto VoidLink: il “super malware” per Linux che prende di mira cloud e container

📌 Link all'articolo : www.redhotcyber.com/post/sco...

#redhotcyber #news #cybersecurity #hacking #malware #linux #sicurezzainformatica #voidlink

Qué es VoidLink, el malware que acecha Linux en AWS y Azure VoidLink malware Linux en la nube (AWS, Azure, Google Cloud): roba credenciales se oculta en Docker y amenaza real a la cadena de suministro. ¿VoidLink, el malware que quiere vivir en tu nube sin hace...

Qué es VoidLink, el malware que acecha Linux en AWS y Azure #VoidLink #malware #Linux #ciberseguridad #AWS #Azure #GoogleCloud #Docker #Kubernetes #DevOps #CloudSecurity #SupplyChainAttack #Infraestructura #15deenero #felizjueves donporque.com/que-es-voidl...

VoidLink Malware Targets Linux Clouds
Read More: buff.ly/Zy0YCOa

#VoidLink #LinuxMalware #CloudSecurity #KubernetesSecurity #ContainerSecurity #CloudNativeThreats #EDR #LinuxInfosec #ThreatResearch #AdvancedMalware

New Linux malware targets the cloud, steals creds : Cloud-native, 37 plugins … an attacker's dream

New #Linux #malware targets the cloud, steals creds, and then vanishes
www.theregister.com/2026/01/14/v...

#VoidLink targets victims' cloud infrastructure with >30 plugins allowing attackers to perform a range of illicit activities.
#CyberCrime #CyberSecurity #InfoSec

Original post on c.im

Researchers have discovered a never-before-seen #framework that infects #Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers.
The framework, referred to as #VoidLink by its source code, features more than 30 modules […]

更新されたよ、見に来てね!→ 見えない脅威「 #VoidLink 」とEUの逆襲 #Wikipedia 25周年と #Linux の躍進 2026年1月15日(木) #security #news

New China Linked VoidLink Linux Malware Targets Major Cloud Providers Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

📢⚠️ New China linked VoidLink Linux malware targets major cloud providers like AWS, Azure and Google Cloud to steal data and evade detection.

Read: hackread.com/china-voidli...

#CyberSecurity #Malware #CloudSecurity #Linux #VoidLink

VoidLink: Noua amenințare pentru infrastructura Linux - TECHNEWSRO VoidLink. malware cloud‑native avansat care vizează infrastructura Linux, folosind module stealth și tehnici sofisticate de persistență.

#VoidLink: The New #Threat to #Linux Infrastructure

New VoidLink malware framework targets Linux cloud servers A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders, implants, rootkits, and plugins designed for modern infrastructures.

New #VoidLink #malware framework targets #Linux cloud servers

www.bleepingcomputer.com/news/security/new-voidli...

#cybersecurity #FOSS