This Is My (Not) Surprised Face
Two days ago, Check Point Research published an article regarding what they’re calling the first evidence of a completely AI-driven malware framework, VoidLink. They first encountered this new framework in December, affecting Linux, and at the time considered the cluster of samples to be unfinished in terms of a fully functional tool. But it was evolving. Fast. Too fast for human oversight considering the level of sophistication and complexity.
The framework includes cloud implantation and harvesting credentials via Git repositories. It contains features like in-memory plugins, adaptive stealth capabilities tailored enough to preserve operational security over performance and multiple command-and-control channels. Earlier this month, CPR wrote about these details, concluding that it was likely inspired by Cobalt Strike’s Beacon Object Files approach. (For more information on that, see my report on Cobalt Strike here.) VoidLink is primarily written in Zig, but also has capability in Go, C and React. At the time of this earlier article, the malware was considered to be still in proof-of-concept mode, with no real intention of use being clear other than some kind of commercial venture.
Fast forward just a week, and we have our answer. VoidLink is a self-evolving, powerful malware suite, capable of building an entire attack campaign with little oversight. It is, however, not perfect. CPR has been monitoring the architecture traced back to a single human actor and found operational security (OPSEC) failures that allowed them to document how this malware is coded and how it evolves in real time. It is there that CPR concluded that this model was AI-generated, considering that what looked like a development period that should have taken many months was happening in a matter of hours or days.
Much of my research results in finding patterns. The ebb and flow of infosec is discernible if you spend enough time in it. And today, I’m having a moment of deeply conflicted vindication. I saw this coming, and have even reported on it several times, going back to September and October of 2025; PromptLock, prompt injection in general, and this report on generative AI that brings up novel malware forms. But it is not something I wanted to be right about. AI-generated code has evolved to be autonomous and continuous. CPR’s report highlights some of the structures that give away the AI nature of VoidLink, namely the thoroughness, speed, and adaptability in a modular framework.
The danger here isn’t actually the new and innovative ways AI can be manipulated by threat actors. That was always a foregone conclusion, since everything that exists is subject to exploitation (I mean, Cobalt Strike is a great example of that). It’s the sheer volume of it that is going to overwhelm attempts to mitigate it when fully functional frameworks can be built from the ground up in less than a week. And keeping up with it will be challenging for human SOC teams that require things like food and sleep. Reports like CPR’s will go a long way to understanding the infrastructure of AI malware, but that alone is not enough. We are currently living with what I consider an anti-vaxxer mentality towards cybersecurity. Too many companies either don’t understand why they need protection or don’t want to pay for it, or be compliant with it if they do. I predicted this trend months ago. Now it remains to be seen what we, as an industry, are going to do about it.
Posted on LinkedIn, 1/22/26










