AI as tradecraft: How threat actors operationalize AI
2026-03-06 • Microsoft
Microsoft Threat Intelligence reports that North Korean clusters including Jasper Sleet, Coral Sleet, Sapphire Sleet, and Emerald Sleet are using AI as an operational accelerator across reconnaissance, persona building, infrastructure setup, and social engineering. Jasper Sleet uses generative AI to create fraudulent digital personas, generate culturally appropriate names and email formats, and extract skills from software and IT job postings so remote IT worker identities better match target roles. Emerald Sleet has used LLMs to research public vulnerabilities such as CVE-2022-30190, while Coral Sleet has used development platforms to quickly create high-trust web infrastructure for staging, testing, and command-and-control activity. The findings matter because AI is not described as replacing operators, but as reducing cost and friction for DPRK-linked revenue generation, access persistence, and scaled abuse of legitimate employment channels.
Indicators of Compromise
| Type | Value | First Seen | Last Seen |
|---|---|---|---|
| DOMAIN | contoso.com | 2026-03-06 | 2026-03-06 |