Kimsuky Deploys HTTPSpy and HelloDoor with VS Code Tunnel Persistence

North Korean APT Kimsuky (Velvet Chollima) targets South Korean military and corporate entities in March-April 2026 with new malware: HTTPSpy, HelloDoor (Rust), VS Code tunnels, and Cloudflare Quick Tunnels for persistent access.