NSHC ThreatRecon’s May 2023 monthly report says SectorA activity accounted for the largest share of observed threat-actor operations during the collection period, with SectorA01, SectorA02, SectorA04, SectorA05, and SectorA06 active. The SectorA section reports attacks seen in the United States, Korea, Australia, Hong Kong, India, Japan, Italy, and multiple European or Middle Eastern countries, using IIS-targeted downloaders, ZIP archives with malicious LNK files, Microsoft Defender impersonation, CHM files that download HTA malware, and macOS malware disguised as a PDF viewer for venture-capital targets. NSHC states that ongoing SectorA operations pursue both high-grade intelligence related to Korean political and diplomatic activity and global financial gain. Other sections cover non-SectorA groups, but this summary is limited to the SectorA activity supported by the excerpt.