Malicious OLE injection attack inside HWP document: FlowerPower APT campaign uses GitHub C2

2023-11-30 Genians Malicious OLE injection attack inside HWP document: FlowerPower APT campaign uses Github C2

https://www.genians.co.kr/blog/flowerpower

Genians describes a Korea-focused APT case in which attackers approached targets with a fake foreign news interview request and delivered an HWP document containing a malicious OLE object. The activity used the FlowerPower tool family associated with Kimsuky campaign types, including encrypted PowerShell execution and document-based delivery seen in earlier FlowerPower, BoBoStealer, FakeStriker, Jinho Spy, and GoldDragon reporting. The source says the threat actor configured GitHub as command infrastructure and frames the case as part of Kimsuky's document and script-based operations against South Korean diplomatic, security, defense, unification, and activist communities.
