Hauri reported a macro-based malware document disguised as materials for an online expert roundtable about Korean nuclear armament. The brief source notes that when the macro runs, it collects user information and downloads additional malware for follow-on activity. The available evidence supports a document-phishing and macro-execution infection chain, but the excerpt does not identify a specific threat actor, C2 infrastructure, or DPRK attribution. The case is still useful for tracking Korea-focused lure themes and document malware delivery patterns.