HTTPSpy

Kimsuky targeted South Korean military and corporate entities in March and April 2026 with fake security pages, counterfeit Webex lures and a new HTTPSpy malware variant, according to technical analyses from ENKI and Kaspersky.