> TritonInfoSec News
Home / May 31, 2026 / Story
0
#8 The Hacker News general May 29, 2026 at 05:57 UTC

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

By [email protected] (The Hacker News)

AI Summary

North Korean APT Kimsuky (aka Velvet Chollima) deployed new tools including HTTPSpy, HelloDoor, and abused VS Code Tunnels in targeted attacks against South Korean military and corporate entities during March–April 2026. The campaign featured tailored social engineering including spoofed security software installation pages and a fake Webex meeting lure, expanding Kimsuky's already sophisticated toolset.

Read full article → https://thehackernews.com/2026/05/kimsuky-deploys-…

Relevance score: 75.0/100

# More from May 31

  1. 1
    Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks BleepingComputer
  2. 2
    New CIFSwitch Linux flaw gives root on multiple distributions BleepingComputer
  3. 3
    PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation The Hacker News
  4. 4
    Charter Communications Data Breach Could Impact Nearly 5 Million SecurityWeek
  5. 5
    Botnet of more than 17 million devices dismantled Ars Technica Security
  6. 6
    ChatGPT share links abused to host fake outage pages to deliver malware BleepingComputer
  7. 7
    ESET APT Activity Report Q4 2025–Q1 2026 WeLiveSecurity (ESET)
  8. 9
    Chrome 148 Update Patches 151 Vulnerabilities SecurityWeek
  9. 10
    California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach SecurityWeek