OpenAI security glitch surfaces
OpenAI disclosed a security issue tied to a third‑party developer tool used in macOS app certification, and said user data was not accessed while it took protective steps. The disclosure lands amid widening regulatory scrutiny of AI distribution and safety, including government concerns about AI‑assisted cyberattacks and a recent probe by Florida’s attorney‑general into OpenAI’s risks to minors. (reuters.com) (iapp.org) (nationaltoday.com)
OpenAI said on April 10 that a security problem touched the chain it uses to prove its Mac apps are really from OpenAI, but the company said it found no evidence that user data, internal systems, or intellectual property were accessed. The weak point was not ChatGPT itself. It was a third-party coding tool called Axios that OpenAI says was compromised on March 31 as part of a broader software supply chain attack. A software supply chain attack is the digital version of tampering with a factory part before it reaches the assembly line. OpenAI said one of its GitHub Actions workflows downloaded and ran the malicious Axios package during the process for signing Mac apps. That signing step matters because a code-signing certificate is the badge macOS uses to decide whether an app really came from the named developer. OpenAI said that workflow had access to certificate and notarization material for ChatGPT Desktop, Codex, Codex command-line tool, and Atlas. OpenAI’s investigators said the malicious payload likely did not succeed in stealing the certificate because of the timing and sequence of the job. OpenAI still treated the certificate as compromised, revoked it, and rotated to a new one anyway. That is why Mac users are being told to update now. OpenAI said older versions of its Mac apps will stop receiving updates or support on May 8, 2026, and may stop functioning. OpenAI also said it hired a third-party digital forensics and incident response firm, rebuilt the affected Mac products with the new certificate, and worked with Apple so software signed with the old certificate cannot be newly notarized. OpenAI said it reviewed past notarizations and found no unexpected software signed with the old keys. The timing is awkward because AI companies are already being pressed on a different security question: whether stronger models will help defenders faster than they help attackers. The International Association of Privacy Professionals reported on April 10 that Anthropic’s Claude Mythos preview pushed governments and banks to prepare for larger AI-driven cyberattacks. OpenAI is also facing state-level pressure far from Mac app signing. Florida Attorney General James Uthmeier said on April 9 that he was investigating OpenAI over alleged risks to minors, public safety concerns, and possible links between ChatGPT use and the April 17, 2025 shooting at Florida State University. So this week’s OpenAI story is not a customer-data breach. It is a reminder that in 2026, an artificial intelligence company can be judged at the same time on the safety of its models, the security of its software pipeline, and the way its tools reach ordinary users.
