Monthly Threat Actor Group Intelligence Report, July 2024 (JPN)

2024-10-29 NSHC Monthly Threat Actor Group Intelligence Report, July 2024

https://redalert.nshc.net/2024/10/29/monthly-threat-actor-group-intelligence-report-july-2024-jpn/

NSHC's July 2024 intelligence roundup records four SectorA activity clusters, a set it describes as pursuing both intelligence collection tied to Korean political and diplomatic interests and financially motivated operations worldwide. SectorA01 activity was observed across countries including France, Pakistan, Malaysia, Taiwan, Spain, the United States, India, the Philippines, South Korea, Vietnam, Morocco, Brazil, Israel, and Bosnia and Herzegovina, using recruiter impersonation and fake recruitment or source-code review archives to induce execution of malicious scripts. SectorA04 activity in South Korea exploited vulnerabilities to seize control of a centralized enterprise management solution for malware distribution. SectorA05 used LNK malware disguised as a speaking request in South Korea and Germany, downloaded additional malware through the Dropbox API, and executed it filelessly. SectorA07 activity in South Korea used LNK files disguised as tax-return guidance that ultimately ran Visual Basic Script and batch malware for information collection and further payload execution.
