Monthly Threat Actor Group Intelligence Report, August 2025

2025-09-03 NSHC

https://medium.com/@nshcthreatrecon/monthly-threat-actor-group-intelligence-report-august-2025-21c666e7e23b

NSHC’s August 2025 roundup identifies SectorA activity against finance and cryptocurrency targets using fileless attacks, malicious LNK files, and software package exploitation. The SectorA section highlights the Contagious Interview campaign distributing BeaverTail, InvisibleFerret, and OtterCookie, with Vercel.App-based C2 activity and code execution through eval. It also describes PyLangGhost RAT using fake-interview social engineering and the ClickFix technique to steal credentials and cryptocurrency wallets. RokRAT is described as using memory-based fileless execution and process hollowing, while spear-phishing against diplomatic missions uses GitHub and Dropbox as C2 channels.
