top | item 46617918

(no title)

lol there’s no real technical details in this article sadly. Checkpoint has a better analysis.

https://research.checkpoint.com/2026/voidlink-the-cloud-nati...

Some kind of opensource ish malware framework the kids are running that can use eBPF …. In addition to limiting CAP_BPF or CAP_SYS_ADMIN you should also take other measures.

discuss

unknown|1 month ago

[deleted]

reincarnate0x14|1 month ago

Much better article, thanks.

That reminds me of the ninjaone interface, they could probably be selling that as a legit management tool, minus the detection avoidance and self-deletion feature :)

dralley|1 month ago

>VoidLink is an impressive piece of software, written in Zig for Linux

Finally, Zig has a user in production /s

(I like Zig, it's a joke, don't hate me)

dijit|1 month ago

Hey, I don’t hate you, but I feel like Ghostty has users.

Is it critical software? Unsure- it will feel critical if it hangs when you’re doing some data processing via a shell its running- but that's besides the point.

Maybe “production” requires it being used for a backend? ;)

neurostimulant|1 month ago

How long until antivirus vendors start flagging zig binaries as malware (like they did to golang binaries a while ago)?

jjmarr|1 month ago

An B2B SaaS platform with an amazing plugin ecosystem that works on my Kubernetes cluster, for any Linux distribution, written in Zig?

Where do I sign up?