UAC-0247 is conducting an active intrusion campaign against Ukrainian government agencies, healthcare organizations, and defense-affiliated entities using AgingFly, a novel C# malware that compiles its own attack handlers at runtime using the .NET Roslyn compiler. The campaign targets Windows systems broadly and harvests credentials from Chromium-based browsers including Microsoft Edge and WhatsApp for Windows. No CVEs are assigned; this is a behavioral threat requiring detection engineering and application control responses rather than patch management.