APT attacks on industrial organizations in H2 2022

2023-03-24 Kaspersky

https://ics-cert.kaspersky.com/publications/reports/2023/03/24/apt-attacks-on-industrial-organizations-in-h2-2022/

Kaspersky’s H2 2022 industrial APT roundup includes several DPRK-relevant items affecting industrial and critical-infrastructure defenders. It summarizes Microsoft reporting on DEV-0530/H0lyGh0st ransomware, a North Korea-based actor linked to PLUTONIUM/Andariel that targeted small and midsize organizations with double extortion and possible exploitation of vulnerabilities in public-facing web applications, such as CVE-2022-26352 in DotCMS. The roundup also notes GwisinLocker ransomware incidents against South Korean industrial and pharmaceutical firms, while treating North Korean linkage as speculation based on language and operational clues. Additional Lazarus-related coverage includes signed malicious macOS executables tied to Operation In(ter)ception and updated DTrack backdoor samples observed across multiple countries and sectors.

Indicators of Compromise

Type Value First Seen Last Seen
DOMAIN outlook.com 2018-09-06 2026-04-17
