OpenAI macOS software breach
OpenAI said one of its systems downloaded infected Axios software, a lapse that the company says prompted tighter macOS app-verification controls to prevent impostor apps. (axios.com) The incident coincided with reports of a security scare at the OpenAI CEO's California home and renewed attention on the firm's fundraising and valuation coverage. (aol.com) (vanguardngr.com)
OpenAI said a compromised software package briefly touched the system it uses to sign its macOS apps, forcing the company to replace certificates and tighten checks. (openai.com) The company said a GitHub Actions workflow downloaded and executed a malicious version of Axios, version 1.14.1, on March 31, 2026 (UTC). That workflow had access to the certificate and notarization files used to sign ChatGPT Desktop, Codex, the Codex command-line interface, and Atlas for macOS. (openai.com)

Code signing is the digital stamp that tells a Mac an app came from a known developer; notarization is Apple's separate check of that signed app. OpenAI said the risk was not that its apps were rewritten, but that a stolen certificate could help a fake app look real. (axios.com)

OpenAI said it found no evidence that user data was accessed, that its systems or intellectual property were compromised, or that its software was altered. The company said it revoked the affected certificates, issued new ones, and added stricter controls around how macOS releases are verified. (cnbc.com) The company told Mac users to update ChatGPT Desktop, Codex, and Atlas to versions signed with the new certificates by May 8, 2026. OpenAI’s post said the change is meant to block “impostor software” from passing as an official release if the old signing material were ever abused. (openai.com)

Axios, the software library, is a widely used tool for moving data between apps and servers, and OpenAI said its exposure came through that third-party dependency rather than through a direct break-in to OpenAI code. OpenAI described the event as part of a broader software supply-chain attack, the kind of breach that spreads through trusted tools used by many developers at once. (openai.com)

The disclosure landed the same weekend that San Francisco police arrested a 20-year-old man after a Molotov cocktail was thrown at Chief Executive Sam Altman’s home and threats were made at OpenAI’s headquarters, according to police and local television station ABC7. OpenAI said no one was hurt. (abc7news.com) It also arrived less than two weeks after OpenAI said it had closed a $122 billion funding round at an $852 billion post-money valuation. CNBC reported that the round included $3 billion from individual investors through bank channels, a sign of how closely the company is being watched beyond Silicon Valley. (cnbc.com)

The immediate fix is simple for users: install the newly signed Mac apps before the May 8 deadline. The larger cleanup is inside OpenAI’s build pipeline, where one poisoned download was enough to force a reset of the trust marks its software depends on. (openai.com)
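For teams asking whether their own build pipelines pulled the dependency described above, the first defensive check is the lockfile. The script below is an added example written for this article, not OpenAI's or the Axios project's tooling: it walks an npm `package-lock.json` (both the lockfileVersion 2/3 `packages` map and the legacy lockfileVersion 1 `dependencies` tree) and reports every installed copy of a package whose version is on a known-bad list. The list is populated only with axios 1.14.1, the version named in the disclosure, and is an assumption to be replaced with the vendor advisory; the sample lockfile is constructed for the example.

```javascript
// Added example: scan an npm lockfile for a known-compromised dependency version.
// Not OpenAI's or Axios's code. KNOWN_BAD holds only the version named in the
// disclosure (axios 1.14.1); treat it as a placeholder for a real advisory list.
const KNOWN_BAD = { axios: new Set(["1.14.1"]) };

// Collect every installed package as { name, version, path }.
// lockfileVersion 2/3 carries a flat "packages" map keyed by install path
// ("node_modules/axios", "node_modules/sdk/node_modules/axios", "node_modules/@scope/pkg");
// lockfileVersion 1 carries a nested "dependencies" tree instead.
function collectPackages(lock) {
  const found = [];
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      if (path === "") continue; // the root project entry, not a dependency
      const marker = "node_modules/";
      const name = path.slice(path.lastIndexOf(marker) + marker.length);
      found.push({ name, version: meta.version, path });
    }
    return found; // v2 lockfiles also carry "dependencies"; avoid double counting
  }
  if (lock.dependencies) {
    const walk = (deps, prefix) => {
      for (const [name, meta] of Object.entries(deps)) {
        const path = `${prefix}node_modules/${name}`;
        found.push({ name, version: meta.version, path });
        if (meta.dependencies) walk(meta.dependencies, `${path}/`);
      }
    };
    walk(lock.dependencies, "");
  }
  return found;
}

// Return only the installed copies whose (name, version) is on the known-bad list.
// Transitive copies nested under other packages are reported too, since a
// transitive install executes just as readily as a direct one.
function findCompromised(lock) {
  return collectPackages(lock).filter(
    ({ name, version }) => KNOWN_BAD[name] !== undefined && KNOWN_BAD[name].has(version)
  );
}

// Convenience wrapper for a lockfile on disk: scanLockfile("package-lock.json").
function scanLockfile(filePath) {
  const fs = require("fs");
  return findCompromised(JSON.parse(fs.readFileSync(filePath, "utf8")));
}

// Human-readable summary of the hits (the test checks the data, not this text).
function formatReport(hits) {
  if (hits.length === 0) return "no known-compromised package versions found";
  return hits.map((h) => `${h.name}@${h.version} at ${h.path}`).join("\n");
}

// Constructed sample lockfile (lockfileVersion 3): one direct axios 1.14.1 and one
// transitive axios copy at a version the disclosure does not name, so the scanner
// must report exactly one hit.
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", version: "0.1.0", dependencies: { axios: "^1.14.0" } },
    "node_modules/axios": { version: "1.14.1" },
    "node_modules/some-sdk": { version: "2.0.0", dependencies: { axios: "1.13.0" } },
    "node_modules/some-sdk/node_modules/axios": { version: "1.13.0" },
  },
};

console.log(formatReport(findCompromised(SAMPLE_LOCK)));

module.exports = { KNOWN_BAD, collectPackages, findCompromised, scanLockfile, formatReport, SAMPLE_LOCK };
```

A lockfile only answers what a pinned install would fetch. A CI job that runs `npm install` against a floating range with no committed lockfile, or that regenerates the lockfile during the build, can resolve a version the repository never recorded, which is exactly how one workflow run can pull a package that the audited tree never showed; pairing this scan with `npm ci` against a committed lockfile closes that gap.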