Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework — Elastic Security Labs

Elastic Security Labs analyzes VoidLink, a sophisticated Linux malware framework that combines traditional Loadable Kernel Modules with eBPF to maintain persistence.