North Korean state-nexus actors (Lazarus Group / TraderTraitor cluster) and the MURKY PANDA threat group are conducting AI-accelerated, hands-on intrusion campaigns against financial institutions with a documented focus on Microsoft 365 federated identity abuse, Entra ID authentication bypass, and fintech API exploitation. This is the highest-priority item in this week’s rollup by priority score and represents a persistent, evolving threat to the financial sector rather than a patchable vulnerability.