Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

North Korean threat actor Kimsuky has escalated its cyber operations against South Korean and global targets by deploying new and evolving malware—including HTTPSpy, HelloDoor, and advanced tunneling techniques—leveraging sophisticated social engineering and legitimate tools to maximize infection, persistence, and data exfiltration.