{"id":7523,"date":"2025-07-03T07:33:17","date_gmt":"2025-07-03T07:33:17","guid":{"rendered":"http:\/\/localhost\/?p=7523"},"modified":"2025-07-03T07:33:17","modified_gmt":"2025-07-03T07:33:17","slug":"n-korean-hackers-drop-nimdoor-macos-malware-via-fake-zoom-updates","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7523","title":{"rendered":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates"},"content":{"rendered":"

Security Update News<\/h2>\n

Update Information<\/h3>\n\n\n\n\n\n\n
Title<\/th>\nN Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates<\/td>\n<\/tr>\n
Update ID<\/th>\nHACKREAD:9B9599D16F2964641CB809BF2F798319<\/td>\n<\/tr>\n
Type<\/th>\nhackread<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-03T10:57:49<\/td>\n<\/tr>\n
Last Updated<\/th>\n2025-07-03T10:57:49<\/td>\n<\/tr>\n<\/table>\n

Security Impact<\/h3>\n\n\n
Severity<\/th>\nNONE<\/td>\n<\/tr>\n<\/table>\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nNorth Korean hackers are distributing NimDoor macOS malware through fake Zoom updates, targeting Web3 and cryptocurrency firms. The malware exploits Nim and AppleScript to steal sensitive data, including Keychain, browser, shell, and Telegram information.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nApple<\/td>\n<\/tr>\n
AI Product<\/th>\nmacOS<\/td>\n<\/tr>\n
AI Version<\/th>\nNot specified<\/td>\n<\/tr>\n<\/table>\n

Update Details<\/h3>\n
\nSentinelLabs uncovers NimDoor, new North Korea-aligned macOS malware targeting Web3 and crypto firms. Exploits Nim, AppleScript, and steals Keychain, browser, shell, and Telegram data.\n<\/div>\n

View Advisory Details<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Security Update News Update Information Title N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates Update ID HACKREAD:9B9599D16F2964641CB809BF2F798319 Type hackread Published 2025-07-03T10:57:49 Last…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,34,12,66,13,33,7,11,5],"class_list":["post-7523","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-cvss-00","tag-exploit","tag-hackread","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nN Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=7523\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Security Update News Update Information Title N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates Update ID HACKREAD:9B9599D16F2964641CB809BF2F798319 Type hackread Published 2025-07-03T10:57:49 Last...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=7523\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-07-03T07:33:17+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates\",\"datePublished\":\"2025-07-03T07:33:17+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523\"},\"wordCount\":132,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-0.0\",\"exploit\",\"hackread\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7523#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523\",\"name\":\"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-07-03T07:33:17+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=7523\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=7523#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=7523","og_locale":"en_US","og_type":"article","og_title":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem","og_description":"Security Update News Update Information Title N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates Update ID HACKREAD:9B9599D16F2964641CB809BF2F798319 Type hackread Published 2025-07-03T10:57:49 Last...","og_url":"https:\/\/zero.redgem.net\/?p=7523","og_site_name":"zero redgem","article_published_time":"2025-07-03T07:33:17+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=7523#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=7523"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates","datePublished":"2025-07-03T07:33:17+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=7523"},"wordCount":132,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-0.0","exploit","hackread","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=7523#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=7523","url":"https:\/\/zero.redgem.net\/?p=7523","name":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-07-03T07:33:17+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=7523#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=7523"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=7523#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"N Korean Hackers Drop NimDoor macOS Malware Via Fake Zoom Updates"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7523"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/7523\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}