OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
Summary
OpenAI discovered that a macOS code signing certificate (a digital credential used to verify that software is legitimate and unchanged) may have been compromised in a supply chain attack (where hackers target a company's software distribution process rather than attacking the company directly) linked to North Korea. The company is taking action to address this potential security breach.
Classification
Affected Vendors
Related Issues
CVE-2026-63086: text-generation-inference through 3.3.7 contains a server-side request forgery (SSRF) vulnerability in the OpenAI-compat
CVE-2026-34371: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.4, LibreChat trusts the name field returned by the e
Original source: https://www.securityweek.com/openai-impacted-by-north-korea-linked-axios-supply-chain-hack/
First tracked: April 13, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 85%