VoidLink Uses AI To Build Linux Implant

Security researchers at GBHackers News report VoidLink, a modular Linux command-and-control framework, exhibits signs of AI-assisted development and active infrastructure, including a hardcoded C2 at 8.149.128.10. The implant steals multi-cloud credentials from AWS, GCP, Azure, Alibaba, and Tencent, uses container escape and adaptive rootkit techniques, and communicates via AES-256-GCM over HTTPS, lowering the barrier for sophisticated malware.