A North Korean APT group known as Citrine Sleet has been linked to the exploitation of CVE-2024-7971, a zero-day vulnerability in the Chromium browser. The vulnerability, a type confusion flaw in the V8 JavaScript and WebAssembly engine, allowed remote code execution (RCE) in the sandboxed Chromium renderer process. Citrine Sleet primarily targets the cryptocurrency sector and has been observed deploying the FudModule rootkit to gain persistence on compromised systems. This incident highlights the ongoing threat posed by North Korean state-sponsored actors and the importance of patching vulnerabilities promptly.