©2025 Poal.co

Archive: https://archive.today/ltSXH

From the post:

>Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to attackers. The framework, referred to as VoidLink by its source code, features more than 30 modules that can be used to customize capabilities to meet attackers’ needs for each infected machine. These modules can provide additional stealth and specific tools for reconnaissance, privilege escalation, and lateral movement inside a compromised network. The components can be easily added or removed as objectives change over the course of a campaign.

[–] 1 pt

No confirmation of it in the wild. Sounds like Spectre and Heartbleed. Bunch of patches and migrations for something you will never see in real life.

[–] 0 pt

I came to ask how do we know we have it or protect from it?

Maybe not a big threat right now.

[–] 1 pt

From the article it seems that mostly "cloud" systems are being targeted at the moment. At least one rule to follow: always fully patch before any ports are open to the world.

If possible, patch as often as possible and reboot when you have patches for things like the kernel or glibc, etc.