North Korean APT Kimsuky aka Black Banshee – Active IOCs

2024-12-01 Rewterz

https://www.rewterz.com/threat-advisory/north-korean-apt-kimsuky-aka-black-banshee-active-iocs-37492


Kimsuky, also known as Black Banshee, is described as a North Korean state-sponsored APT active since at least 2012 and focused on espionage against targets in South Korea, Japan, the United States, and other countries. The advisory lists phishing, malware infections, supply chain compromise, lateral movement, and data exfiltration as recurring tactics. It highlights Android malware activity involving FastFire, FastViewer, and FastSpy, including the use of Firebase for C2 and modified Androspy code, and cites ReconShark as an evolution of BabyShark used for reconnaissance and exfiltration. Representative indicators include the domain spectacularfields.icu, the hash b262ac518c0114f414aaedbb4ef7c728, and a defanged URL using the nood subdomain.

Indicators of Compromise

Type    Value                              First Seen  Last Seen
HASH    8e0eb0d36bfd4e28ec6a10acccf8997…   2024-12-01  2024-12-05
HASH    fd02470c6cc4ceb5fad3589d02e5148…   2024-12-01  2024-12-05
HASH    b262ac518c0114f414aaedbb4ef7c728   2024-12-01  2024-12-05
DOMAIN  naverbox.p-e.kr                    2024-12-01  2024-12-02
HASH    31e683073959e206e072711fe2570271   2024-12-01  2024-12-01
HASH    2bfa1aaf1b6d52fcd7e120d74ba982c…   2024-12-01  2024-12-01
HASH    7e47d1bc13d7016a9d8eb59a97d19e3…   2024-12-01  2024-12-01
DOMAIN  nbox.p-e.kr                        2024-12-01  2024-12-01
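The table above is what a defender actually consumes, so the following is an added example (not Rewterz's code and not part of the advisory) of turning it into a matcher that can be run over DNS logs and an endpoint hash inventory. It copies the indicator rows verbatim and adds the spectacularfields.icu domain from the summary. Two details matter in practice: several of the listed hashes are truncated with "…" in the advisory itself, so they can only be matched on their known prefix and are labelled as such, and domain matching is done on the whole host or a subdomain of it, never as a substring. The log line format, the file paths, and every digest in the sample inventory are constructed for the example; none of them come from the advisory.

```python
import re
from dataclasses import dataclass

# Indicator rows copied from the advisory's IOC table; "…" marks a hash that the
# advisory itself truncates, so only that prefix is known.
IOC_TABLE = """\
HASH 8e0eb0d36bfd4e28ec6a10acccf8997… 2024-12-01 2024-12-05
HASH fd02470c6cc4ceb5fad3589d02e5148… 2024-12-01 2024-12-05
HASH b262ac518c0114f414aaedbb4ef7c728 2024-12-01 2024-12-05
DOMAIN naverbox.p-e.kr 2024-12-01 2024-12-02
HASH 31e683073959e206e072711fe2570271 2024-12-01 2024-12-01
HASH 2bfa1aaf1b6d52fcd7e120d74ba982c… 2024-12-01 2024-12-01
HASH 7e47d1bc13d7016a9d8eb59a97d19e3… 2024-12-01 2024-12-01
DOMAIN nbox.p-e.kr 2024-12-01 2024-12-01
"""

# Domain named in the advisory's summary text but not in its table.
EXTRA_DOMAINS = ["spectacularfields.icu"]

@dataclass(frozen=True)
class Indicator:
    kind: str        # "HASH" or "DOMAIN"
    value: str       # lowercase; for a truncated hash this is only the known prefix
    truncated: bool  # True when the source shows only part of the value

def refang(value: str) -> str:
    """Undo common defanging ("hxxp://", "[.]") so indicators compare to raw logs."""
    return value.replace("[.]", ".").replace("hxxp", "http")

def parse_ioc_table(text: str) -> list[Indicator]:
    """Parse 'TYPE VALUE FIRST_SEEN LAST_SEEN' rows; the dates are not used for matching."""
    indicators = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 2 or parts[0] not in ("HASH", "DOMAIN"):
            continue  # header, blank line, or a type this matcher does not handle
        raw = refang(parts[1]).lower()
        truncated = raw.endswith("…") or raw.endswith("...")
        indicators.append(Indicator(parts[0], raw.rstrip("…."), truncated))
    return indicators

def load_indicators() -> list[Indicator]:
    return parse_ioc_table(IOC_TABLE) + [Indicator("DOMAIN", d, False) for d in EXTRA_DOMAINS]

def host_matches(host: str, domain: str) -> bool:
    """Exact match or any subdomain of the indicator; a substring match would give false hits."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

QUERY_RE = re.compile(r"query=(\S+)")  # assumes the constructed resolver log format below

def match_dns_log(lines: list[str], indicators: list[Indicator]) -> list[tuple[str, str]]:
    """Return (queried host, matched domain) for each log line that hits a DOMAIN indicator."""
    domains = [i.value for i in indicators if i.kind == "DOMAIN"]
    hits = []
    for line in lines:
        m = QUERY_RE.search(line)
        if not m:
            continue
        host = m.group(1)
        for d in domains:
            if host_matches(host, d):
                hits.append((host, d))
    return hits

def match_hashes(files: dict[str, str], indicators: list[Indicator]) -> list[tuple[str, str, str]]:
    """Return (path, indicator value, 'exact' | 'prefix') for each file digest that matches.

    A truncated indicator can only be matched on its prefix, so the hit is labelled
    'prefix' and should be treated as a lead to confirm, not a confirmed match."""
    hits = []
    for path, digest in files.items():
        digest = digest.lower()
        for i in indicators:
            if i.kind != "HASH":
                continue
            if i.truncated and digest.startswith(i.value):
                hits.append((path, i.value, "prefix"))
            elif not i.truncated and digest == i.value:
                hits.append((path, i.value, "exact"))
    return hits

# Constructed sample input (not from the advisory): resolver log lines and an MD5
# inventory from one endpoint. Paths and digests are made up; the second digest is
# a made-up value that merely shares the advisory's truncated prefix.
SAMPLE_DNS_LOG = [
    "2024-12-03T10:15:02Z client=10.0.0.5 query=naverbox.p-e.kr type=A",
    "2024-12-03T10:15:09Z client=10.0.0.5 query=update.nbox.p-e.kr type=A",
    "2024-12-03T10:16:30Z client=10.0.0.7 query=nbox.p-e.kr.example.com type=A",
    "2024-12-03T10:17:01Z client=10.0.0.9 query=www.example.org type=AAAA",
]
SAMPLE_FILE_HASHES = {
    "C:\\Users\\user\\Downloads\\report.exe": "B262AC518C0114F414AAEDBB4EF7C728",
    "C:\\Users\\user\\AppData\\Local\\Temp\\x.dll": "8e0eb0d36bfd4e28ec6a10acccf8997f",
    "C:\\Windows\\notepad.exe": "00000000000000000000000000000000",
}

if __name__ == "__main__":
    iocs = load_indicators()
    for host, d in match_dns_log(SAMPLE_DNS_LOG, iocs):
        print(f"DNS hit: {host} -> indicator {d}")
    for path, value, how in match_hashes(SAMPLE_FILE_HASHES, iocs):
        print(f"Hash {how} hit: {path} -> {value}")
```

Run as written, the script reports the two DNS hits (the exact domain and the subdomain), ignores the look-alike "nbox.p-e.kr.example.com", and reports one exact and one prefix hash hit. When the full hashes become available from the vendor, replace the truncated rows and the prefix logic stops being exercised.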
