A new cyber threat actor, Void Arachne, is targeting Chinese-speaking users with malicious VPN installers. This sophisticated attack employs SEO poisoning and promotes compromised MSI files containing nudifiers, deepfake pornography-generating software, and AI voice and facial technologies. The attack is particularly concerning due to its use of advanced AI and deepfake techniques to disguise the malicious software as legitimate VPNs, posing significant risks to users' privacy and security. Void Arachne also utilizes the Winos 4.0 C&C Framework in their operations.