Shenchao TechFlow News, on August 13, Slow Mist CISO 23pds stated that a member of the suspected North Korean hacker group Kimsuky APT encountered a major data breach incident in early June 2025, resulting in the exposure of hundreds of GB of internal files and tools. The leaked data came from two compromised systems of an operator codenamed "KIM", namely a Linux development workstation running Deepin 20.9 and a virtual private server (VPS) used for spear-phishing activities. This leak exposed internal materials such as the organization's backdoor programs, phishing frameworks, and reconnaissance operations.