OpenAI Axios Incident

OpenAI disclosed a security gap tied to the Axios tool, described as a supply-chain attack, and advised users to install the latest macOS app update. (voi.id) The disclosure said no user data was leaked but highlighted that adapters, wrappers and local runtimes can be an attack surface distinct from model APIs. (voi.id)

OpenAI said a compromised copy of the Axios software library reached part of its macOS app-signing workflow on March 31, 2026, prompting a required app update for Mac users. (openai.com) Axios is a developer library that apps and build systems use to fetch data from the internet, like a courier carrying files between services. OpenAI said a GitHub Actions workflow used in its macOS signing process downloaded and executed the malicious Axios version 1.14.1. (openai.com) That workflow had access to a code-signing certificate and notarization material used for ChatGPT Desktop, Codex, Codex-cli, and Atlas on macOS. OpenAI said it found no evidence that user data was accessed, its systems or intellectual property were compromised, or its software was altered. (openai.com)

Code signing is the digital stamp Apple uses to show an app really came from the named developer and was approved to run on a Mac. OpenAI said it rotated its macOS signing certificates and told users to update to the latest app versions to reduce the risk of fake apps appearing to come from OpenAI. (openai.com)

The incident sits in the software supply chain, which is the chain of outside components, build tools, and automation that companies rely on before software reaches users. OpenAI said the problem came through a third-party library in a build workflow rather than through its model application programming interfaces or customer-facing products directly. (openai.com)

OpenAI dated the compromise to March 31, 2026, Coordinated Universal Time, and described Axios as a widely used third-party developer library caught in a broader supply-chain attack. The company published its disclosure about three days later on its website. (openai.com) The company’s help center says Mac users can get ChatGPT app updates through the macOS app release channel, and OpenAI’s support guidance repeatedly directs users to run the latest macOS app version. OpenAI has not said that any malicious OpenAI-branded app was distributed to users. (help.openai.com 1) (help.openai.com 2)

The disclosure follows another OpenAI security notice from December 2025 about a Mixpanel incident, where the company also said no API content, credentials, or payment details were exposed. OpenAI has been publishing more public security updates in 2026, including posts on prompt injection, bug bounties, and product security. (openai.com 1) (openai.com 2)

For Mac users, the practical step is simple: install the latest OpenAI app update so the new certificates are in place. For developers, the episode is a reminder that build scripts, wrappers, and local runtimes can become targets even when the core service stays untouched. (openai.com)
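
For developers who want to check their own build workflows, the sketch below is an added example, not code from OpenAI or the Axios project. It scans a parsed package-lock.json for the Axios version named in the disclosure, including copies nested under other dependencies. The sample lockfile, the package names other than axios, and the function names are constructed for illustration.

```javascript
// Version the disclosure names as malicious; extend from the advisory you follow.
const FLAGGED = { axios: ["1.14.1"] };

// Collect every installed copy of a flagged package from a parsed package-lock.json.
// Handles lockfileVersion 2/3 ("packages" map) and version 1 (nested "dependencies").
function findFlagged(lock, flagged = FLAGGED) {
  const hits = [];
  const check = (name, version, where) => {
    if ((flagged[name] || []).includes(version)) hits.push({ name, version, where });
  };
  if (lock.packages) {
    for (const [path, meta] of Object.entries(lock.packages)) {
      // Keys look like "node_modules/a/node_modules/axios"; the root project is "".
      const idx = path.lastIndexOf("node_modules/");
      if (idx === -1) continue;
      const name = meta.name || path.slice(idx + "node_modules/".length);
      check(name, meta.version, path);
    }
  } else if (lock.dependencies) {
    const walk = (deps, trail) => {
      for (const [name, meta] of Object.entries(deps)) {
        check(name, meta.version, [...trail, name].join(" > "));
        if (meta.dependencies) walk(meta.dependencies, [...trail, name]);
      }
    };
    walk(lock.dependencies, []);
  }
  return hits;
}

// Build-gate use: a failed gate should stop the job before signing material is loaded.
function gate(lock) {
  const hits = findFlagged(lock);
  return { ok: hits.length === 0, hits };
}

// Constructed sample lockfile (not from any real repository).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "signing-helper", version: "0.0.0" },
    "node_modules/axios": { version: "1.13.0" },
    "node_modules/http-wrapper": { version: "2.0.0" },
    "node_modules/http-wrapper/node_modules/axios": { version: "1.14.1" },
  },
};
console.log(gate(sampleLock));
```

The nested copy is the case a top-level version check misses: the direct dependency in the sample is clean, while the flagged version arrives through another package.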
