TI Mindmap HUB
Threat Intelligence Report

Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework

📅 March 25, 2026 📰 www.elastic.co 🔍 0 CVE(s) referenced

VoidLink is a highly advanced, AI-assisted Linux rootkit framework that combines Loadable Kernel Modules and eBPF for stealthy persistence, innovative network hiding, and adaptive evasion—demonstrating how large language models are lowering the barrier for sophisticated kernel malware development.

vendor

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle