Unveiling APT37: Attack Techniques and Tools of the North Korean Hacking Group

2024-11-06 David_Jou TEMP.Reaper (FireEye)

https://www.freebuf.com/articles/system/414564.html?utm_source=pocket_saves

APT37 is presented as a North Korea-linked actor also tracked as Reaper, ScarCruft, Ricochet Chollima, Geumseong121, InkySquid, Crooked Pisces, Moldy Pisces, and TA-RedAnt. The excerpt describes targeting centered on South Korea but extending across government, military, financial, food, energy, aerospace, education, healthcare, media, technology, and transportation sectors. It lists APT37 tooling such as BLUELIGHT, DOGCALL, RokRAT, VeilShell, GOLDBACKDOOR, Konni, and Cobalt Strike, with emphasis on phishing, LNK files, Living off the Land execution, PowerShell, WMI, scheduled tasks, and registry persistence. The article also cites recent use of Internet Explorer CVE-2024-38178 and VeilShell delivery through compromised advertising or web links.
