2023 Recap - Threat Actor Activity Highlights - North Korea

2023-12-15 PolySwarm

https://blog.polyswarm.io/2023-recap-threat-actor-activity-highlights-north-korea


PolySwarm’s 2023 recap tracks several North Korea-nexus clusters active across supply chain, cryptocurrency, and macOS intrusion activity. It ties Labyrinth Chollima/Lazarus to the 3CX supply chain compromise, cryptocurrency platform thefts involving Atomic Wallet, Alphapo and CoinsPaid, JumpCloud activity against crypto firms, LightlessCan use against a Spanish aerospace company, TeamCity exploitation, a trojanized CyberLink installer, and KandyKorn targeting blockchain engineers through Discord lures. The same source summarizes BlueNoroff/Stardust Chollima use of RustBucket and ObjCShellz, plus APT37/Ricochet Chollima use of SidLevel and RokRAT delivered through oversized LNK files. The report is useful as a year-end map of DPRK-linked actor aliases, target sets, and malware families rather than as a single-incident analysis.

Indicators of Compromise

Type   Value                                   First Seen   Last Seen
HASH   c7f4aa77be7f7afe9d0665d3e705dbf…        2023-12-15   2024-12-27
HASH   c9a7b42c7b29ca948160f95f017e9e9…        2023-12-15   2024-12-27
HASH   4f6690b82ca4b1f5735386729c4a041…        2023-12-15   2023-12-15
