OpenAI flags macOS tool issue

OpenAI identified a security issue tied to a third‑party developer tool used in certifying its macOS apps and said user data was not accessed. Reuters reported the company’s disclosure and emphasized the flaw involved a certification dependency rather than a direct data breach. The notice underscores how vendor tooling and certification chains can affect product security even when user data appears safe. (reuters.com)

OpenAI said on April 10 that a compromised third-party coding tool touched the process used to verify its Mac apps, and it told users to update. (openai.com) The company said it found no evidence that user data was accessed, its systems or intellectual property were compromised, or its software was altered. Reuters reported the issue was tied to the certification chain for macOS apps rather than a direct breach of customer data. (openai.com) (reuters.com)

A software supply-chain attack works like tampering with a trusted parts shipment before it reaches the factory. OpenAI said that on March 31, 2026, one of its GitHub Actions workflows downloaded and ran a malicious version of Axios, version 1.14.1, during the macOS app-signing process. (openai.com) That workflow had access to a signing certificate and notarization material used for ChatGPT Desktop, Codex App, Codex command-line interface, and Atlas. On Apple devices, those certificates are the digital ID cards that help macOS show software really came from the named developer. (openai.com) (support.apple.com)

OpenAI said its investigation found the certificate was likely not stolen because of the timing of the malicious code, when the certificate was injected into the job, and other safeguards. The company said it is still revoking and rotating that certificate as a precaution. (openai.com) That step matters for Mac users because a stolen signing certificate could help a fake app look authentic to the operating system. Axios reported OpenAI saw a risk that attackers could use such a certificate to make phony OpenAI apps appear legitimate, even though the company said it has not seen that happen. (axios.com) (openai.com)

OpenAI said all macOS users need the latest versions of its apps, and it listed the first releases signed with the new certificate: ChatGPT Desktop 1.2026.051, Codex App 26.406.40811, Codex command-line interface 0.119.0, and Atlas 1.2026.84.2. It also said that, effective May 8, 2026, older versions will no longer receive updates or support and may stop functioning. (openai.com)

The company said it hired a third-party digital forensics and incident response firm, published new builds of the affected Mac products, and worked with Apple so software signed with the old certificate could not be newly notarized. It also said a review of prior notarizations found no unexpected software approved with those keys. (openai.com)

The episode shows how a problem in a widely used developer library can ripple into app distribution without altering the app itself. For OpenAI users on macOS, the practical step is simpler: install the current versions before the old certificate ages out on May 8. (openai.com) (9to5mac.com)
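As an added example (not code from OpenAI or from any of the outlets cited above), the following POSIX shell script checks whether the installed macOS app bundles are at or above the first versions OpenAI lists as signed with the new certificate, and prints the signing authority `codesign` reports for each bundle so an administrator can see which identity signed it. The version floors are the ones in the notice; the bundle paths under `/Applications` are assumptions, and the Codex command-line interface is left out because it is not an app bundle.

```shell
#!/bin/sh
# Added example, not OpenAI's code. Checks installed macOS app versions
# against the first builds signed with the new certificate, as listed in
# the OpenAI notice. Bundle paths are assumptions; adjust them as needed.

# version_ge A B: succeed (exit 0) when dot-separated version A >= B.
# Components are compared numerically, so "051" equals "51", and a
# missing trailing component counts as 0 (1.2026.84 < 1.2026.84.2).
version_ge() {
    a="$1"
    b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"
        bi="${b%%.*}"
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
        # keep digits only and drop leading zeros so "051" is not read as octal
        ai=$(printf '%s' "$ai" | sed 's/[^0-9]//g; s/^0*//')
        bi=$(printf '%s' "$bi" | sed 's/[^0-9]//g; s/^0*//')
        ai="${ai:-0}"
        bi="${bi:-0}"
        if [ "$ai" -gt "$bi" ]; then return 0; fi
        if [ "$ai" -lt "$bi" ]; then return 1; fi
    done
    return 0
}

# check_app NAME BUNDLE_PATH MIN_VERSION: report the installed version and
# the first Authority= line codesign prints for the bundle. Returns 0 when
# the app is absent or current, 1 when it is below MIN_VERSION.
check_app() {
    name="$1"
    bundle="$2"
    min="$3"
    if [ ! -d "$bundle" ]; then
        echo "$name: not found at $bundle (skipped)"
        return 0
    fi
    # CFBundleShortVersionString is the user-facing version in Info.plist
    ver=$(defaults read "$bundle/Contents/Info.plist" CFBundleShortVersionString 2>/dev/null || echo 0)
    # codesign -dvv lists the certificate chain as Authority= lines
    auth=$(codesign -dvv "$bundle" 2>&1 | sed -n 's/^Authority=//p' | head -n 1)
    if version_ge "$ver" "$min"; then
        echo "$name: $ver is at or above $min (signed by: ${auth:-unknown})"
        return 0
    fi
    echo "$name: $ver is below $min, update required (signed by: ${auth:-unknown})"
    return 1
}

# Version floors from the notice; bundle paths are assumed placeholders.
outdated=0
check_app "ChatGPT Desktop" "/Applications/ChatGPT.app" "1.2026.051" || outdated=1
check_app "Codex App" "/Applications/Codex.app" "26.406.40811" || outdated=1
check_app "Atlas" "/Applications/ChatGPT Atlas.app" "1.2026.84.2" || outdated=1
if [ "$outdated" -eq 1 ]; then
    echo "At least one app is below the minimum version; update before May 8, 2026."
else
    echo "No installed app is below its minimum version."
fi
```

Run it on the Mac being checked; on any other system the bundles are simply reported as not found. The script only reports the signing authority it finds rather than judging it, since the names of the old and new certificates are not part of the notice.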
