SectorA activity in March 2026 focused heavily on developer and cryptocurrency targets, using LinkedIn-style lures, malicious repositories, Visual Studio Code automation, npm package abuse, and legitimate platforms such as GitHub, Vercel, and Google Drive for delivery and C2. NSHC highlighted StoatWaffle activity in the Contagious Interview campaign, Go-based macOS information theft, browser-extension and credential exfiltration, and cross-platform targeting of Windows and macOS environments. The report also notes Medusa ransomware use in extortion activity and broader abuse of developer workflows and open-source supply chains for information theft, financial gain, persistence, and remote access.