OpenAI flags macOS bug

OpenAI told Mac users on April 10 to update ChatGPT and Codex after it found a security issue in a third-party developer tool called Axios that touched the process used to prove its apps were really from OpenAI. The company said it found no evidence that user data was accessed, its systems were breached, its intellectual property was taken, or its software was altered. (openai.com, reuters.com) The weak point here was not the chatbot itself. The weak point was the digital paperwork around a Mac app, the part that tells your computer “this file came from the real developer and has not been tampered with.” (developer.apple.com, developer.apple.com) Apple calls one layer of that paperwork code signing. A developer signs an app with a unique certificate, and macOS can then detect if the app changes after it is signed, whether by accident or by malicious code. (developer.apple.com) Apple adds a second layer called notarization for many apps distributed outside the Mac App Store. Apple says its notary service scans the software for malicious content, checks code-signing issues, and issues a ticket that Gatekeeper can verify when a user opens the app. (developer.apple.com, developer.apple.com) OpenAI said the Axios tool was part of that certification chain for its macOS apps. The company is now updating its security certifications and wants all macOS users on the latest versions to reduce the risk of someone trying to distribute a fake OpenAI app. (openai.com, 9to5mac.com) That detail matters because a compromised tool in the build or signing pipeline can create trust problems even if the finished app was never changed. If attackers can interfere with the badge on the box, users can no longer rely on the badge alone. (developer.apple.com, openai.com) Apple’s own documentation says the notary service keeps an audit trail of software distributed with a signing key, and developers can work with Apple to revoke tickets for unauthorized versions. That is why certificate updates and forced app updates are standard damage-control moves in this kind of incident. (developer.apple.com, developer.apple.com) Reuters reported that Axios was part of a broader industry incident, which means OpenAI was dealing with the same supply-chain problem that can hit many software companies at once. One shared tool can sit inside hundreds of products, so one compromise can ripple far beyond one brand. (reuters.com, openai.com) For OpenAI, this lands in a company already judged on safety from two directions at once: what its models say and how its software is shipped. A bug in the delivery pipeline can damage trust almost as fast as a bug in the model, because users still have to believe the app on their screen is the real one. (openai.com, developer.apple.com)