Monthly Threat Actor Group Intelligence Report, November 2023 (JPN)
2024-01-30 • NSHC
NSHC's November 2023 ThreatRecon report attributed the largest share of observed activity to SectorA, its North Korea tracking set, with five clusters active across South Korea, the United States, Russia, Israel, Mexico, Austria, China, and Japan. The SectorA cases included LNK malware using North Korean security and military themes, Apache ActiveMQ CVE-2023-46604 exploitation to deliver remote-control and backdoor malware, security-mail and tax-certificate lures, and a fake blockchain engineer persona delivering macOS malware to cryptocurrency exchange engineers through Discord. NSHC assessed that SectorA continued to pursue South Korea-related political, diplomatic, and government intelligence while also conducting financially motivated operations worldwide.