ALL POSTS
UAT-9921 Expands VoidLink Attacks Across Enterprise Sectors
Key Findings: Cisco Talos has discovered a new threat actor, UAT-9921, using a modular attack framework called VoidLink to target organizations in the technology and financial services sectors. VoidLink is a Linux-focused, highly capable attack framework that can compile and deploy plugins on demand, potentially enabling AI-driven tool creation in the future. UAT-9921 is believed to have been active since at least 2019, even before the use of VoidLink, and has been observed in
Feb 13 · 2 min read
VoidLink Malware Raises High Alert for Cloud Systems with Custom-Built Attacks
VoidLink Malware Puts Cloud Systems on High Alert With Custom Built Attacks. Summary. Key Points: VoidLink is a highly adaptable threat targeting cloud environments. Discovered by Check Point Research in January 2026 and reported by Hackread.com. This Chinese-developed framework is designed to infiltrate critical business infrastructure. Background: VoidLink is malware that has been putting cloud environments on high alert. It was first brought to light by Check Point Research on
Jan 22 · 2 min read
VoidLink: The AI-Powered Linux Malware Framework
Key Findings: VoidLink is a sophisticated Linux malware framework, built largely by a single developer with assistance from an artificial intelligence (AI) model. The malware reached over 88,000 lines of code in a short timeframe, showcasing the efficiency enabled by AI-driven development. Operational security failures by the developer exposed development artifacts, providing clear evidence that VoidLink was produced predominantly through AI-driven processes. VoidLink includes
Jan 21 · 2 min read
