Odaily Planet Daily reports that SlowMist CISO 23 pds posted on the X platform that a suspected member of the North Korean hacker group Kimsuky APT suffered a major data breach in early June 2025, exposing hundreds of gigabytes of internal documents and tools. The leak included backdoors, phishing frameworks, and reconnaissance operations. The data came from two compromised systems of an operator codenamed "KIM": one a Linux development workstation running Deepin 20.9 and the other a VPS used for spearphishing.