TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates
Summary
OpenAI disclosed that two employee devices were compromised through the Mini Shai-Hulud supply chain attack on TanStack (a software dependency library). The compromise resulted in limited credential theft from internal code repositories, but no user data or production systems were affected. Because the compromised repositories contained signing certificates (digital credentials that verify software authenticity) for macOS apps, OpenAI revoked the old certificates and requires macOS users of ChatGPT Desktop, Codex App, Codex CLI, and Atlas to update to the latest versions before June 12, 2026, when the old certificates will be blocked by macOS protections.
Solution / Mitigation
OpenAI isolated impacted systems and identities, revoked user sessions, rotated all credentials across impacted repositories, temporarily restricted code-deployment workflows, audited user and credential behavior, and revoked the compromised signing certificates while issuing new ones. macOS users must update ChatGPT Desktop, Codex App, Codex CLI, and Atlas to the latest versions before June 12, 2026.
Original source: https://thehackernews.com/2026/05/tanstack-supply-chain-attack-hits-two.html
First tracked: May 15, 2026 at 08:00 AM