{"id":12061,"date":"2026-04-12T10:03:31","date_gmt":"2026-04-12T10:03:31","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/04\/12\/openai-warns-macos-users-to-update-chatgpt-and-codex-immediately\/"},"modified":"2026-04-12T10:03:31","modified_gmt":"2026-04-12T10:03:31","slug":"openai-warns-macos-users-to-update-chatgpt-and-codex-immediately","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/04\/12\/openai-warns-macos-users-to-update-chatgpt-and-codex-immediately\/","title":{"rendered":"OpenAI Warns macOS Users to Update ChatGPT and Codex Immediately"},"content":{"rendered":"

OpenAI Warns macOS Users to Update ChatGPT and Codex Immediately
\n \t

\n
<\/BR>
\n
\n \t

\n
<\/BR><\/p>\n

\n

OpenAI has disclosed a security incident tied to the compromise of Axios, a widely used third-party JavaScript developer library, as part of a broader software supply chain attack detected on March 31, 2026<\/a>.<\/p>\n

While the company confirmed no user data, API keys, or systems were compromised, it is taking aggressive precautionary measures to protect its macOS application certification infrastructure.<\/p>\n

On March 31, 2026 (UTC), threat actors believed to be linked to North Korea hijacked the npm account of an Axios library maintainer and pushed malicious updates, specifically versions v1.14.1 and v0.30.4.<\/p>\n

These compromised versions silently introduced a hidden dependency called plain-crypto-js<\/code>, which functioned as a cross-platform Remote Access Trojan (RAT) capable of targeting Windows, macOS, and Linux environments.<\/p>\n

According to Palo Alto Networks\u2019 Unit 42<\/a>, the malware was engineered to perform system reconnaissance, establish persistence, and then self-destruct to evade forensic detection.<\/p>\n

Axios is one of the most widely downloaded JavaScript libraries, with over 100 million weekly downloads, making the blast radius of this supply chain attack particularly significant.<\/p>\n

OpenAI\u2019s Incident Response<\/strong><\/h2>\n

OpenAI\u2019s internal build pipeline leveraged Axios as part of its GitHub Actions workflow. When the workflow automatically pulled the now-malicious Axios update, the compromised library gained access to certificate and notarization material used to digitally sign OpenAI\u2019s macOS applications, including ChatGPT Desktop, Codex, and Atlas.<\/p>\n

This type of access is critical: code-signing certificates are the trust anchors that verify to Apple\u2019s systems and the App Store that an application is genuinely from its claimed publisher.<\/p>\n

Had an attacker exploited this access, they could theoretically have fabricated counterfeit OpenAI applications carrying a legitimate certificate, deceiving both end-user devices and the App Store into treating them as authentic. OpenAI confirmed the root cause was a misconfiguration in its GitHub Actions workflow, which has since been remediated.<\/p>\n

\n
\n
\n
\n

We recently identified a security issue involving the third-party developer library Axios that was part of a broader industry incident. We found no evidence that OpenAI user data was accessed, that our systems were compromised, or that our software was altered.<\/p>\n

Out of an\u2026<\/p>\n

\u2014 OpenAI (@OpenAI) April 11, 2026<\/a>\n<\/p><\/blockquote>\n