OpenAI Rotates macOS Certs
OpenAI revoked its macOS app‑signing certificate after a malicious Axios dependency was discovered in its supply chain, and said no user data were accessed. (thehackernews.com) (thehindu.com)
OpenAI said it rotated the certificates used to sign its macOS apps after a tainted software package reached part of its app-signing workflow, with no evidence of user-data access. (openai.com)

The company said the issue began on March 31, 2026, when a GitHub Actions workflow in its macOS signing process downloaded and ran Axios version 1.14.1, a compromised release of a widely used JavaScript library. That workflow had access to signing and notarization material for ChatGPT Desktop, Codex, Codex-cli, and Atlas. (openai.com)

Code-signing certificates are digital ID cards that tell macOS an app really came from the developer it claims to be from. OpenAI said it revoked the affected certificate, issued new certificates, and began shipping newly signed versions of its macOS apps “out of an abundance of caution.” (openai.com)

OpenAI said it found no evidence that the attacker used the exposed materials to sign malware, alter released software, access production systems, or reach user data, passwords, application programming interface keys, or billing information. Reuters, via The Hindu, reported the company disclosed the issue on Friday, April 11. (openai.com) (thehindu.com)

The incident sits in the software supply chain, the chain of outside code and tools that companies pull into their own systems. In this case, the risk was not a bug in ChatGPT itself but a poisoned dependency inside a developer pipeline that helps stamp Mac apps as trusted. (openai.com) (bleepingcomputer.com)

OpenAI told enterprise customers to update any macOS allowlists that check certificate fingerprints or signing-organization names. Its help page says the Team ID stays the same at 2DC432GLL2, while the organization name to allow is “OpenAI OpCo, LLC,” with a new certificate fingerprint. (help.openai.com)

The broader Axios compromise reached beyond OpenAI. BleepingComputer reported that a GitHub account tied to an Axios maintainer was abused to publish malicious package versions, and The Verge reported the inserted script could give remote access on Windows, macOS, and Linux systems that ran it. (bleepingcomputer.com) (theverge.com)

OpenAI said it has added extra hardening to its signing workflow, including stronger isolation, tighter credentials handling, and more monitoring around build and release systems. The immediate next step for Mac users is simpler: install the latest OpenAI app updates so the software carries the new trust chain. (openai.com)
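The allowlist guidance above distinguishes two ways of pinning a Mac app to its publisher: a certificate fingerprint, which changes whenever the certificate is rotated, and the Apple Team ID, which does not. The script below is an added example, not OpenAI's own tooling or anything from its help page; it checks the output of Apple's `codesign` tool against an allowlist keyed on the Team ID (2DC432GLL2) and organization name (“OpenAI OpCo, LLC”) quoted in the article. The app path, bundle identifier and the sample `codesign` output embedded for offline testing are constructed, not captured from a real OpenAI binary.

```shell
#!/bin/sh
# Added example (not from OpenAI or the article): evaluate a macOS app's code
# signature against an allowlist keyed on Team ID and Developer ID organization
# name instead of a certificate fingerprint, so a certificate rotation by the
# same publisher does not break the allowlist.
# Team ID and organization name are those quoted in the article; app paths,
# bundle identifiers and the sample codesign output below are constructed.

EXPECTED_TEAM_ID="2DC432GLL2"
EXPECTED_ORG="OpenAI OpCo, LLC"

# Pull the TeamIdentifier= value out of `codesign -dv --verbose=4` output on stdin.
team_id_from_codesign() {
    sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# Pull the leaf signing certificate's name (the first Authority= line) out of
# the same output. Developer ID leaf certs read
# "Developer ID Application: <Org> (<TEAMID>)".
leaf_authority_from_codesign() {
    sed -n 's/^Authority=//p' | head -n 1
}

# Apply the allowlist to codesign output read on stdin.
# Prints "allow" or "deny" and returns 0 or 1 accordingly.
evaluate_codesign_output() {
    out="$(cat)"
    team="$(printf '%s\n' "$out" | team_id_from_codesign)"
    leaf="$(printf '%s\n' "$out" | leaf_authority_from_codesign)"
    if [ "$team" = "$EXPECTED_TEAM_ID" ] && \
       [ "$leaf" = "Developer ID Application: $EXPECTED_ORG ($EXPECTED_TEAM_ID)" ]; then
        echo allow
        return 0
    fi
    echo deny
    return 1
}

# On a real Mac: first let codesign validate the signature and chain (a revoked
# or tampered signature fails here), then apply the allowlist to its details.
# codesign -dv writes its details to stderr, hence the 2>&1.
check_app() {
    app="$1"
    codesign --verify --deep --strict "$app" 2>/dev/null || { echo deny; return 1; }
    codesign -dv --verbose=4 "$app" 2>&1 | evaluate_codesign_output
}

# Constructed sample in the shape codesign prints for a Developer ID-signed app.
SAMPLE_GOOD='Executable=/Applications/ExampleApp.app/Contents/MacOS/ExampleApp
Identifier=com.example.placeholder
Format=app bundle with Mach-O universal (x86_64 arm64)
Hash type=sha256 size=32
Authority=Developer ID Application: OpenAI OpCo, LLC (2DC432GLL2)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=2DC432GLL2'

# Constructed sample for an app signed by a different publisher.
SAMPLE_OTHER_TEAM='Executable=/Applications/Other.app/Contents/MacOS/Other
Identifier=com.example.other
Authority=Developer ID Application: Some Other Org (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'

# Usage on macOS:  check_app /Applications/SomeApp.app
# Offline demo:    printf '%s\n' "$SAMPLE_GOOD" | evaluate_codesign_output   # allow
#                  printf '%s\n' "$SAMPLE_OTHER_TEAM" | evaluate_codesign_output   # deny
```

Because the allowlist keys on Team ID and organization name, the newly signed OpenAI builds pass without an allowlist change, while a fingerprint-based rule would need the new value from OpenAI's help page. The `codesign --verify` step stays in front of the allowlist so that a revoked certificate is rejected before the Team ID is even read.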