NSHC’s September 2022 monthly threat-actor report summarizes multiple tracked clusters, including DPRK-relevant SectorA activity. SectorA01 targeted news and media workers with spear-phishing and messenger-delivered malware capable of system information collection, RDP connection, and file transfer through C2. SectorA05 targeted government, defense, media, and think-tank workers using HWP or Word documents delivered through large-file attachment services, then abused OLE objects to fetch malware for credential and authorization theft. SectorA06 focused on investment and finance workers with compensation-themed spear-phishing links, while SectorA07 targeted Russian embassy personnel with macro-enabled PowerPoint files and scheduled-task persistence. The report is useful as a monthly actor-cluster snapshot rather than a single-campaign technical deep dive.