{"data":{"id":"b1e6d0c2-d426-4247-adc5-c84eb4600874","title":"Our response to the Axios developer tool compromise","summary":"OpenAI discovered that Axios, a third-party developer library (a pre-written code package used to build software), was compromised in a software supply chain attack (where attackers infiltrate widely-used tools to affect many companies at once) on March 31, 2026, and their macOS app-signing process briefly used a malicious version. OpenAI found no evidence that user data or systems were compromised, but is revoking and updating their security certificates (digital credentials that verify software is authentic) and requiring all macOS users to update their OpenAI apps to prevent the risk of fake apps appearing legitimate. As of May 8, 2026, older versions of ChatGPT Desktop (before 1.2026.051), Codex App (before 26.406.40811), Codex CLI (before 0.119.0), and Atlas (before 1.2026.84.2) will no longer receive updates and may stop working.","solution":"Update to the latest versions of OpenAI's macOS apps through in-app update or official links. OpenAI also addressed the root cause by fixing the GitHub Actions workflow misconfiguration: the workflow previously used a floating tag instead of a specific commit hash and lacked a configured minimumReleaseAge for new packages; these have been corrected. OpenAI rotated the macOS code signing certificate, published new builds of all affected macOS products with the new certificate, and worked with Apple to prevent software notarization using the previous certificate.","labels":["security"],"sourceUrl":"https://openai.com/index/axios-developer-tool-compromise","publishedAt":"2026-04-10T00:00:00.000Z","cveId":null,"cweIds":null,"cvssScore":null,"cvssSeverity":null,"severity":"high","attackType":["supply_chain"],"issueType":"incident","affectedPackages":null,"affectedVendors":["OpenAI"],"affectedVendorsRaw":["OpenAI","ChatGPT Desktop","Codex","Atlas","Axios"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":null,"epssScore":null,"patchAvailable":null,"disclosureDate":"2026-04-10T00:00:00.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"advanced","impactType":["integrity","confidentiality"],"aiComponentTargeted":"api","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}