Distribution of Malicious Word Documents Themed ‘Korean Political Diplomacy Academic’ and ‘Policy Advisory Committee Member Biography’

2021-07-02 AhnLab ‘Korean Political Diplomacy Academic’ and ‘Policy Advisory Committee Biography’ malicious Word documents distributed

https://asec.ahnlab.com/ko/24834/


AhnLab reports continued distribution of targeted malicious Word documents using Korean political, diplomatic, academic-conference, and policy-advisory biography lures. The DOCX files fetched external DOTM templates such as InterKoreanSummit.dotm and Seminarfinal.dotm, whose obfuscated macros launched PowerShell and downloaded additional scripts from attacker-controlled infrastructure including ripzi.getenjoyment.net and likel.atwebpages.com. The scripts matched earlier malicious Word campaigns with only C2 changes, and document metadata suggested the same creator account seen in previous lure documents. The excerpt does not name a specific DPRK actor, so the activity is treated here as North Korea-relevant targeting context rather than attributed to Kimsuky or Lazarus.

Indicators of Compromise

Type    Value                              First Seen  Last Seen
URL     http://likel.atwebpages.com/bu/…   2021-07-02  2021-07-15
DOMAIN  ripzi.getenjoyment.net             2021-07-02  2021-07-15
DOMAIN  likel.atwebpages.com               2021-07-02  2021-07-15
URL     http://ripzi.getenjoyment.net/l…   2021-07-02  2021-07-02
