Researchcontainer securitykubernetesebpfmalware
VoidLink Targets Kubernetes And AI Workloads
|
9.4
Security researchers disclosed VoidLink in December 2025 as a Linux malware framework that persistently targets Kubernetes, containers, and GPU-accelerated AI workloads by living inside pods and GPU clusters. Cisco Talos links the framework to advanced actor UAT-9921 and highlights compile-on-demand, fileless, kernel-evasive techniques that harvest cloud metadata and credentials, implying defenders need kernel-level runtime telemetry to detect and contain it.
Scoring Rationale
High novelty and actionable mitigation guidance from credible vendors; slight vendor-alignment and industry prevalence moderates breakthrough.
Practice with real Ride-Hailing data
90 SQL & Python problems · 15 industry datasets
Used by DS/ML engineers at top companies
250 free problems · No credit card
See all Ride-Hailing problems
