OpenAI Warns macOS Users to Update ChatGPT and Codex Immediately
Key Takeaways
- OpenAI experienced a security incident stemming from a wider software supply chain attack targeting the Axios JavaScript library.
- The attack, attributed to North Korean threat actors, compromised Axios npm accounts and injected a cross-platform Remote Access Trojan (RAT) into versions v1.14.1 and v0.30.4.
- OpenAI’s macOS application certification infrastructure was exposed due to a misconfigured GitHub Actions workflow that pulled the malicious Axios update.
- No user data, API keys, or systems were compromised, but OpenAI is revoking and rotating all macOS security certificates as a precaution.
- macOS users of ChatGPT, Codex, and Atlas must update their applications immediately; older versions will become unsupported and potentially non-functional after May 8, 2026.
OpenAI has disclosed a security incident tied to a broader software supply chain attack that impacted the widely used Axios third-party JavaScript library. The incident, first detected on March 31, 2026, exposed elements of OpenAI’s macOS application certification infrastructure, though the company confirmed no user data, API keys, or internal systems were compromised.
On March 31, 2026 (UTC), threat actors, believed to be affiliated with North Korea, successfully hijacked an npm account belonging to an Axios library maintainer. This compromise allowed them to push malicious updates, specifically versions v1.14.1 and v0.30.4, into the popular library.
These tampered versions surreptitiously introduced a hidden dependency named plain-crypto-js. This module functioned as a sophisticated cross-platform Remote Access Trojan (RAT), capable of operating across Windows, macOS, and Linux environments. According to cybersecurity firm Palo Alto Networks’ Unit 42, the malware was designed to conduct system reconnaissance, establish persistent access, and then self-destruct to hinder forensic analysis.
Axios is a cornerstone in the JavaScript development ecosystem, boasting over 100 million weekly downloads. This extensive reach amplified the potential impact of the supply chain compromise.
OpenAI’s Incident Response
OpenAI’s internal build pipeline utilized Axios within its GitHub Actions workflow. When this automated workflow pulled the compromised Axios update, the malicious library gained unauthorized access to certification and notarization materials crucial for digitally signing OpenAI’s macOS applications, including ChatGPT Desktop, Codex, and Atlas.
Code-signing certificates are fundamental trust anchors, verifying to Apple’s operating systems and the App Store that an application originates from its legitimate publisher. Exploiting this access, an attacker could theoretically have forged counterfeit OpenAI applications, signed with a seemingly valid certificate, thereby deceiving both end-users and Apple’s security mechanisms into accepting them as authentic. OpenAI attributed the root cause to a misconfiguration within its GitHub Actions workflow, which has since been rectified.
We recently identified a security issue involving the third-party developer library Axios that was part of a broader industry incident. We found no evidence that OpenAI user data was accessed, that our systems were compromised, or that our software was altered.
Out of a…
— OpenAI (@OpenAI) April 11, 2026
In response, OpenAI has initiated aggressive containment measures. The company is revoking and rotating all macOS security certificates to nullify any trust material that may have been compromised during the incident.
Consequently, all macOS users are now mandated to update their OpenAI applications—ChatGPT, Codex, Atlas, and Codex CLI—to their latest versions to incorporate these refreshed certificates. OpenAI has clarified that users do not need to change their passwords, as user credentials and API keys were unaffected by this incident.
A critical deadline has been set: after May 8, 2026, older versions of these macOS applications will no longer receive updates or support and may become completely non-functional. Users can update their applications securely via an in-app prompt or through official download links provided by OpenAI.
The impact of this attack on OpenAI was strictly limited to macOS applications; Android, Linux, and Windows platforms remained unaffected. OpenAI reiterated its findings of no evidence of user data exfiltration, system compromise, or software tampering.
This incident serves as a stark reminder of the escalating threat posed by software supply chain attacks, particularly those targeting developer tools—a vector increasingly favored by sophisticated state-sponsored threat actors. Organizations relying heavily on open-source libraries within automated CI/CD pipelines are urged to implement robust security practices such as dependency pinning, integrity verification, and regular workflow audits to mitigate exposure to similar risks.
What You Should Do
- Update Immediately: If you use ChatGPT, Codex, Atlas, or Codex CLI on macOS, update your applications to the latest version without delay.
- Verify Source: Always update applications through official in-app prompts or directly from OpenAI’s trusted download links.
- No Password Change Needed: This incident did not affect user passwords or API keys, so no password reset is required.
- Be Aware of Deadline: Older macOS versions of these applications will cease to function or receive support after May 8, 2026.
- Implement Supply Chain Security: For developers and organizations, enforce dependency pinning, conduct integrity checks, and regularly audit CI/CD workflows to secure your software supply chain.
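As an added example (not OpenAI's or the Axios project's code), here is a lockfile audit that applies the dependency-pinning and integrity checks recommended above: it walks a parsed package-lock.json, flags the compromised Axios versions and the plain-crypto-js dependency named in this article, and reports entries that carry no integrity hash. The sample lockfile, its package set and its registry URLs are constructed for the example.

```javascript
// Indicators taken from the article: the two tampered Axios releases and the
// hidden dependency they introduced. Lockfiles store versions without the "v".
const BAD_AXIOS_VERSIONS = new Set(["1.14.1", "0.30.4"]);
const SUSPECT_PACKAGES = new Set(["plain-crypto-js"]);

// lock: a parsed package-lock.json (lockfileVersion 2/3, which uses the
// "packages" map keyed by install path). Returns a list of findings; an empty
// list means no indicator matched and every installed package has an
// integrity hash that npm ci will verify against the registry tarball.
function auditLockfile(lock) {
  const findings = [];
  const packages = lock.packages || {};
  for (const [path, entry] of Object.entries(packages)) {
    if (path === "") continue; // the root project itself
    // Derive the package name from the install path; handles nested
    // node_modules and scoped packages such as node_modules/@scope/pkg.
    const marker = "node_modules/";
    const name = entry.name || path.slice(path.lastIndexOf(marker) + marker.length);
    if (name === "axios" && BAD_AXIOS_VERSIONS.has(entry.version)) {
      findings.push({ path, kind: "compromised-version", detail: `axios@${entry.version}` });
    }
    if (SUSPECT_PACKAGES.has(name)) {
      findings.push({ path, kind: "suspect-dependency", detail: name });
    }
    if (!entry.link && !entry.integrity) {
      findings.push({ path, kind: "missing-integrity", detail: name });
    }
  }
  return findings;
}

// Constructed sample: one clean package, one compromised axios entry, and the
// plain-crypto-js module it pulled in (shipped without an integrity field).
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "1.0.0", dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": { version: "1.14.1", resolved: "https://registry.example/axios-1.14.1.tgz", integrity: "sha512-CONSTRUCTED" },
    "node_modules/plain-crypto-js": { version: "0.0.1", resolved: "https://registry.example/plain-crypto-js-0.0.1.tgz" },
    "node_modules/left-pad": { version: "1.3.0", resolved: "https://registry.example/left-pad-1.3.0.tgz", integrity: "sha512-CONSTRUCTED" },
  },
};

for (const f of auditLockfile(SAMPLE_LOCK)) {
  console.log(`${f.kind}: ${f.detail} (${f.path})`);
}
```

In a CI job, feed it `JSON.parse(fs.readFileSync("package-lock.json", "utf8"))` and fail the build when the returned list is non-empty; pairing this with `npm ci` (which refuses to install when the lockfile and package.json disagree) keeps a workflow from silently picking up a fresh upstream release.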
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.