KakaoTalk desktop on Windows is being actively abused by Konni APT (APT37, North Korea-linked) as a lateral spread vector in the EndRAT campaign; the threat is not a vulnerability in KakaoTalk itself but rather post-compromise session hijacking that weaponizes the authenticated desktop client to distribute malicious ZIP archives to trusted contacts. Organizations whose staff use KakaoTalk desktop — particularly those in human rights, NGO, or North Korea policy sectors — face elevated risk of receiving malicious files through trusted messaging channels. No patch is applicable; mitigation requires behavioral monitoring of KakaoTalk processes, out-of-band verification of ZIP file attachments, and user awareness training covering trusted-messenger abuse.