OpenAI fixes Axios bug
OpenAI confirmed and patched a security issue related to the Axios library, saying no user data was compromised and asking macOS users to update affected apps. (x.com) The company framed the update as a precaution and urged users to apply the fixes promptly. (x.com)
OpenAI said on April 10 that it fixed a security issue tied to the Axios software supply-chain attack and found no evidence that user data was accessed. (openai.com) The company said a GitHub Actions workflow in its macOS app-signing process downloaded and ran the malicious Axios version 1.14.1 on March 31, 2026. That workflow handled the certificate and notarization material used to sign ChatGPT Desktop, Codex, Codex Command Line Interface, and Atlas for macOS. (openai.com)

OpenAI said its investigation found no evidence that its systems, intellectual property, or published software were altered. It is still revoking and rotating the affected macOS signing certificate and told users to install the latest app versions. (openai.com) A signing certificate is the digital stamp that tells macOS an app really came from the named developer. OpenAI said the update is meant to block a scenario in which a fake app could appear to be an official OpenAI app. (openai.com)

The incident started in the software supply chain, the chain of outside code and tools that companies use to build their own products. Microsoft said two Axios package releases published on March 31, versions 1.14.1 and 0.30.4, were poisoned with a malicious dependency that could fetch remote malware during installation. (microsoft.com) Microsoft attributed the Axios compromise to Sapphire Sleet, a North Korean state actor, and said the malicious packages targeted macOS, Windows, and Linux systems. Microsoft also said Axios sees more than 70 million weekly downloads, which widened the potential blast radius for downstream developers. (microsoft.com)

OpenAI said older versions of its affected macOS apps will stop receiving updates or support on May 8, 2026, and may stop functioning. It listed the first safe builds signed with the new certificate as ChatGPT Desktop 1.2026.051, Codex App 26.406.40811, Codex Command Line Interface 0.119.0, and Atlas 1.2026.84.2. (openai.com) The company said it also hired a third-party digital forensics and incident response firm, reviewed notarization records tied to the old certificate, and worked with Apple so that software signed with that certificate cannot be newly notarized. OpenAI’s macOS release notes also show a February 13, 2026 update that “phased out certificate pinning exceptions,” a separate hardening step in the desktop app. (openai.com) (help.openai.com)

The practical advice from OpenAI is narrow but urgent: if you use its macOS apps, update through the app itself or OpenAI’s official download pages before the old certificate is retired. The company said it is treating the certificate as compromised even though its analysis suggests the malicious code likely did not steal it. (openai.com)
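For downstream developers, the first check after an incident like this is whether any lockfile in their own build pins one of the two Axios releases Microsoft named. The script below is an added example, not code from OpenAI or the Axios project; it scans an npm package-lock.json (lockfileVersion 1, 2 or 3) for axios entries resolved to 1.14.1 or 0.30.4, including transitive copies nested under other packages, and runs against a constructed sample lockfile.

```python
"""Scan an npm package-lock.json for the poisoned axios releases named in the article."""
import json

# Releases Microsoft reported as poisoned on March 31, 2026 (values from the article).
POISONED_AXIOS = {"1.14.1", "0.30.4"}


def find_poisoned_axios(lockfile_text):
    """Return sorted (node_modules path, version) pairs for axios entries pinned to a poisoned release.

    lockfileVersion 2 and 3 keep a flat "packages" map keyed by path; lockfileVersion 1
    (and the legacy block that v2 still carries) uses a nested "dependencies" tree.
    Both are walked so a transitive copy under another package is not missed.
    """
    lock = json.loads(lockfile_text)
    hits = set()

    # Flat map: key is the install path, e.g. "node_modules/some-sdk/node_modules/axios".
    for path, meta in lock.get("packages", {}).items():
        if path.split("/")[-1] == "axios" and meta.get("version") in POISONED_AXIOS:
            hits.add((path, meta["version"]))

    # Nested tree: rebuild the same install path while descending.
    def walk(deps, prefix):
        for name, meta in deps.items():
            path = f"{prefix}node_modules/{name}"
            if name == "axios" and meta.get("version") in POISONED_AXIOS:
                hits.add((path, meta["version"]))
            walk(meta.get("dependencies", {}), path + "/")

    walk(lock.get("dependencies", {}), "")
    return sorted(hits)


# Constructed sample lockfile (not from any real project): the top-level axios is clean,
# but a hypothetical "some-sdk" package pulls in a nested axios pinned to 1.14.1.
SAMPLE_LOCK = json.dumps({
    "name": "example-app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "dependencies": {"some-sdk": "^2.0.0"}},
        "node_modules/some-sdk": {"version": "2.0.0", "dependencies": {"axios": "^1.14.0"}},
        "node_modules/some-sdk/node_modules/axios": {"version": "1.14.1"},
        "node_modules/axios": {"version": "1.13.0"},
    },
})

if __name__ == "__main__":
    for path, version in find_poisoned_axios(SAMPLE_LOCK):
        print(f"poisoned axios {version} at {path}")
```

Point it at a real lockfile with `find_poisoned_axios(open("package-lock.json").read())`; an empty list means neither poisoned release is pinned, not that the build host was never exposed.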