Targeting containerized environments, VoidLink seems most sensible when accompanying universal exploits like the xz backdoor. May be indicative of continuing efforts and confidence to infiltrate the base Linux ecosystem. I imagine, this framework isn't primarily used for targeted attacks and espionage, but rather as rapid staging ground for "cyber warfare" operations.