https://www.bleepingcomputer.com/news/security/new-voidlink-malware-framework-targets-linux-cloud-servers/
A newly discovered advanced cloud-native Linux malware framework named VoidLink focuses on cloud environments, providing attackers with custom loaders,...
cloud serversnewvoidlinkmalwareframework
https://blog.talosintelligence.com/voidlink/
Feb 11, 2026 - Cisco Talos recently discovered a new threat actor, UAT-9221, leveraging VoidLink in campaigns. Their activities may go as far back as 2019, even without...
threat actornewvoidlinkframeworkcampaigns
https://www.csoonline.com/article/4117038/sophisticated-voidlink-malware-framework-targets-linux-cloud-servers.html
Jan 14, 2026 - Check Point researchers have discovered a modular malware framework likely designed by Chinese developers to harvest credentials for cloud environments.
cloud serverscso onlinesophisticatedvoidlinkmalware
https://www.ontinue.com/resource/voidlink-dissecting-an-ai-generated-c2-implant/
Feb 20, 2026 - Ontinue's ATO team published research on VoidLink revealing how LLM-generated malware is lowering the barrier to sophisticated Linux C2 implants with cloud,...
researchvoidlinkrevealsrisksllm