OpenAI: security hiccup and product push

OpenAI said on April 10 that a compromised third-party developer tool touched its macOS app-signing process, and told Mac users to update their apps. (openai.com) The company said it found no evidence that user data was accessed, that its systems or intellectual property were compromised, or that its software was altered. Reuters and CNBC reported the affected tool was Axios, part of a broader software supply-chain incident disclosed this month. (openai.com) (cnbc.com) Software supply-chain attacks work by tampering with a tool developers trust, so the danger is not a hacked chatbot answer but a poisoned step in how software gets built or certified. OpenAI said it was rotating and reissuing the certificates that verify its macOS apps are legitimate. (openai.com) At the same time, OpenAI has started a new $100-a-month ChatGPT Pro plan aimed at heavier Codex use, with 5 times the Codex usage limits of the $20 ChatGPT Plus plan. Several outlets reported the move as a direct push at Anthropic’s Claude Code offering. (venturebeat.com) (macrumors.com) Codex is OpenAI’s coding agent inside ChatGPT, and the new pricing shows the company is separating casual chat users from developers who run longer, more frequent coding jobs. MacRumors reported the new tier keeps the broader Pro feature set while expanding coding capacity. (macrumors.com) (thurrott.com) OpenAI is also testing a desktop setup that would pull chat, web browsing and coding into one Codex-based app. TestingCatalog reported a “Scratchpad” interface that can launch multiple Codex tasks in parallel from a single workspace. (testingcatalog.com) That would fold together products that have been spreading across separate surfaces: the ChatGPT app for conversation, Atlas for browsing, and Codex for software work. TestingCatalog said the internal build points to managed agents and side-by-side task handling rather than a single chat box. (testingcatalog.com) OpenAI is also widening how it makes money from ChatGPT beyond subscriptions. Axios, as cited by Yahoo Finance and Futurism, reported that ChatGPT ads have already reached about $100 million in annual recurring revenue and that OpenAI projected much larger ad sales by 2029. (finance.yahoo.com) (futurism.com) Taken together, the last week’s disclosures show OpenAI tightening the plumbing behind its Mac software while charging more for coding power and testing a single desktop front end for chat, search and code. The immediate next step for users is simpler: update the Mac app, and watch whether Codex becomes the center of the company’s paid desktop push. (openai.com) (testingcatalog.com)