OpenAI flags macOS security update
OpenAI disclosed a security issue tied to a third-party tool and said its investigation found user data was not accessed, while urging macOS desktop users to update because older app versions will stop receiving updates or support after May 8 (marketscreener.com) (9to5mac.com).
OpenAI is telling macOS users to update its desktop apps after a security issue touched the system that verifies whether a Mac app really came from OpenAI. (openai.com) The company said on April 10 that the issue involved Axios, a third-party developer tool, and was part of a broader industry incident reported on March 31. OpenAI said its investigation found no evidence that user data, internal systems, intellectual property, or software were compromised. (openai.com) The update applies to four OpenAI Mac apps: ChatGPT Desktop, Codex App, Codex Command Line Interface, and Atlas. OpenAI said all macOS users should move to the latest versions because older versions may stop working after May 8, 2026. (9to5mac.com) A Mac app’s certificate works like a digital ID card that tells the operating system who signed the software. OpenAI said it is replacing those security certifications so a fake app cannot more easily pose as an official OpenAI release. (openai.com) OpenAI said the problem sat in a GitHub Actions workflow used to sign Mac apps, not in ChatGPT conversations or customer accounts. Reuters reported that the workflow downloaded a compromised version of Axios before OpenAI tightened the verification process. (msn.com) The company’s public message is narrow: update the Mac apps, use official download links, and expect support for older builds to end on May 8. OpenAI’s help page for the ChatGPT Mac app says the software runs on macOS 14 and Apple Silicon Macs. (9to5mac.com) (help.openai.com) The episode fits a pattern that security teams call a supply-chain attack, where attackers target a shared tool used by many developers instead of breaking into each company one by one. OpenAI said this case was tied to a “widely reported” industry incident rather than a direct breach of OpenAI’s own user database. (openai.com) For Mac users, the practical deadline is May 8, 2026: update now, or risk losing updates, support, and in some cases the app itself. OpenAI said the change is a precaution, but it is treating the signing system seriously enough to force the transition. (openai.com)
