{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiber7czlwhyqorkm2u32k4r2jjgnjyb6milo6zk22jfdbto3jdwha",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mmy3qof6wsn2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreie2kvrzlfthsjepij3ix7sigwrnmipculglmhczxm7ujyjca74c2a"
    },
    "mimeType": "image/png",
    "size": 373890
  },
  "path": "/2026/05/kimsuky-deploys-httpspy-expands-arsenal.html",
  "publishedAt": "2026-05-29T05:57:41.000Z",
  "site": "https://thehackernews.com",
  "textContent": "The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026.\n\n\"Kimsuky employed a range of tailored social engineering tactics, such as spoofing security software installation pages and crafting a fake Webex meeting page that leveraged",
  "title": "Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels"
}