Elastic's security team has come across "a data dump containing source code, compiled binaries, and deployment scripts for the kernel rootkit components of VoidLink, a cloud-native Linux malware framework first documented by Check Point Research in January 2026."
https://www.elastic.co/security-labs/illuminating-voidlink
Catalin Cimpanu
npub1tq…3aefw
2026-03-26 18:08:20 UTC
Author Public Key
npub1tqfukrqgh928vktkl6vx063ck2c4yn3ek8m44v3txfhztqe65anq63aefwSeen on
wss://relay.ditto.pubPublished at
2026-03-26 18:08:20 UTCEvent JSON
{
"id": "c8cc2b0aead4e2a57b470d106d8f54382a1ca78115b354885129f43e584e7db3",
"pubkey": "5813cb0c08b954765976fe9867ea38b2b1524e39b1f75ab22b326e25833aa766",
"created_at": 1774548500,
"kind": 1,
"tags": [
[
"proxy",
"https://mastodon.social/users/campuscodi/statuses/116296810530101380",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.ditto.pub"
]
],
"content": "Elastic's security team has come across \"a data dump containing source code, compiled binaries, and deployment scripts for the kernel rootkit components of VoidLink, a cloud-native Linux malware framework first documented by Check Point Research in January 2026.\"\n\nhttps://www.elastic.co/security-labs/illuminating-voidlink",
"sig": "58734d9bc695d5784207c80c4a1fcbb8016bbd636bc87f43b20a678109d498c1f5a3a7a2d79d3e62e2c11d5f1171a39c9e814987175d670e523c5a37e033a9e8"
}