DBAPPSecurity’s Operation Gold Hunting report describes phishing documents aimed at venture-capital and frontier-technology targets, using NDA and investment-presentation themes as lures. The analyzed DOCX files used remote template injection to fetch malicious content from infrastructure such as `googleservice[.]xyz`, while displaying forged ISO 27001 or venture-capital documents to mislead victims. Infrastructure pivoting found lookalike venture-capital and cryptocurrency-related domains, including `abiesvc[.]com`, `dekryptcap[.]digital`, `coinbigex[.]com`, and `kraken-dev[.]com`, with some redirecting to legitimate sites for credibility. The source does not attribute the activity to Lazarus, so the summary preserves the observed campaign, targeting, delivery technique, and infrastructure without adding unsupported actor attribution.