Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels
Today’s signal The Hacker News recently reported Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels. Published context: May 29, 2026. The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. “Kimsuky employed a range of tailored social engineering tactics, such as spoofing security software installation pages and crafting a fak ...