OpenAI macOS security alert

OpenAI warned macOS users to update desktop apps after finding a security issue tied to a third‑party developer tool that was used in its app‑signing process, saying there’s no evidence user data or keys were accessed. Reports point to a misconfigured GitHub Actions workflow and OpenAI says it has corrected the problem and strengthened its Mac app certification process. OpenAI also said older macOS app versions will stop receiving updates or support after May 8 and may cease to function. (axios.com)

OpenAI is telling macOS users to update its desktop apps after a flaw in its app-signing pipeline exposed a certificate used to prove software was really from OpenAI. (openai.com)

OpenAI said the issue traces to March 31, 2026, when a GitHub Actions workflow in its macOS signing process downloaded a malicious version 1.14.1 of Axios, a widely used developer library. That workflow had access to a signing certificate and Apple notarization material for ChatGPT Desktop, Codex App, Codex command-line interface, and Atlas. (openai.com)

A signing certificate is the digital equivalent of a company seal: macOS uses it to show an app came from the named developer. OpenAI said the risk was that someone could try to ship a fake OpenAI app that appeared legitimate, not that the company found altered OpenAI software in the wild. (openai.com; axios.com)

OpenAI said it found no evidence that user data was accessed, that its systems or intellectual property were compromised, or that its software was altered. The company also said passwords and OpenAI application programming interface keys were not affected. (openai.com; cnbc.com)

The company is revoking and rotating the old certificate and publishing new macOS builds signed with the replacement. OpenAI said it is also working with Apple so software signed with the previous certificate cannot be newly notarized. (openai.com)

That matters because notarization is Apple’s extra malware check for Mac apps distributed outside the App Store. If Apple blocks fresh notarization with the old certificate, a stolen credential becomes much less useful for pushing new fake apps. (openai.com)

OpenAI said the root cause was a misconfiguration in the GitHub Actions workflow, and that it has corrected the setup. The company said it also brought in a third-party digital forensics and incident response firm during the investigation. (cnbc.com; openai.com)

The cutoff date for older builds is May 8, 2026. After that, older macOS versions of ChatGPT Desktop, Codex App, Codex command-line interface, and Atlas will no longer get updates or support and may stop working, OpenAI said. (openai.com)

OpenAI listed the earliest safe builds signed with the new certificate as ChatGPT Desktop version 1.2026.051, Codex App version 26.406.40811, Codex command-line interface version 0.119.0, and Atlas version 1.2026.84.2. Users can update through the app or OpenAI’s official download pages. (openai.com)

The warning lands as desktop artificial intelligence tools are getting deeper access to coding apps, terminals, files, and local workflows on Macs. OpenAI’s own help pages show the macOS app has expanded steadily since late 2024, which makes trust in the app’s signature and update chain more important than before. (help.openai.com; help.openai.com)

For Mac users, the practical step is simple: update now and stop relying on older builds before May 8. OpenAI’s message is that the apps themselves were not found to be tampered with, but the credential used to vouch for them is being replaced anyway. (openai.com)
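
For anyone managing more than one Mac, the minimum builds listed above can be checked against a software inventory. The following is an added example, not code from OpenAI or from this article; it assumes version strings are dotted numeric components compared left to right, and the inventory rows are constructed sample data.

```python
# Earliest builds signed with the replacement certificate, per the article.
MIN_SAFE = {
    "ChatGPT Desktop": "1.2026.051",
    "Codex App": "26.406.40811",
    "Codex command-line interface": "0.119.0",
    "Atlas": "1.2026.84.2",
}

def parse_version(text):
    # Assumption: dotted numeric components, compared left to right ("051" -> 51).
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)

def is_safe(app, installed):
    have, need = parse_version(installed), parse_version(MIN_SAFE[app])
    # Pad with zeros so "1.2026.84" is compared as 1.2026.84.0.
    width = max(len(have), len(need))
    have += (0,) * (width - len(have))
    need += (0,) * (width - len(need))
    return have >= need

def audit(inventory):
    # Return (host, app, version, reason) for each row that needs attention.
    findings = []
    for host, app, version in inventory:
        if app not in MIN_SAFE:
            continue  # not one of the four affected products
        try:
            if not is_safe(app, version):
                findings.append((host, app, version, "update required"))
        except ValueError:
            # Fail closed: an unreadable version is flagged, not skipped.
            findings.append((host, app, version, "unparseable version"))
    return findings

# Constructed sample inventory; hostnames and installed versions are made up.
SAMPLE = [
    ("mac-01", "ChatGPT Desktop", "1.2026.051"),
    ("mac-02", "ChatGPT Desktop", "1.2026.9"),
    ("mac-02", "Codex command-line interface", "0.118.3"),
    ("mac-03", "Atlas", "1.2026.84"),
    ("mac-04", "Codex App", "26.406.40811-beta"),
]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row, sep="\t")
```

A version at or above the minimum only shows the build is recent enough; it does not by itself confirm which certificate signed the installed copy.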
