
OpenAI warns macOS users to update apps after supply chain security breach

OpenAI said its analysis concluded the signing certificate present in the workflow was likely not successfully extracted by the malicious payload

by Defused News Writer
Photo by Alexander Shatov / Unsplash

OpenAI has disclosed a security incident involving a compromised third-party software library that briefly gave attackers potential access to the certificates used to authenticate its macOS applications.

The company said the Axios JavaScript library, a widely used open-source tool for handling web requests, was compromised as part of a broader software supply chain attack by actors it believes are linked to North Korea.

A GitHub Actions workflow, an automated process used in software development, downloaded and executed a malicious version of Axios, OpenAI said.

That workflow had access to certificate and notarisation material used to sign macOS applications including ChatGPT Desktop, Codex, Codex-cli, and Atlas, the company confirmed.

OpenAI said its analysis concluded the signing certificate present in the workflow was likely not successfully extracted by the malicious payload.

The company added it found no evidence that user data, its systems, or its intellectual property had been compromised, and said its software had not been altered.

Passwords and OpenAI API keys were not affected, according to the announcement.

OpenAI attributed the root cause to a misconfiguration in the GitHub Actions workflow, which it said has since been corrected.
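The article does not say what the misconfiguration was, so the following is an added illustration rather than OpenAI's workflow: a GitHub Actions layout in which dependency installation (where a compromised package's install scripts would run) shares a job and environment with the signing secrets, placed beside a hardened layout that keeps untrusted code and signing material in separate jobs. Job names, secret names, and the `scripts/sign.sh` helper are assumptions made up for the example.

```yaml
# Added example, not OpenAI's configuration. All job, secret and script
# names below are hypothetical.

# --- Risky shape: one job installs dependencies (running whatever lifecycle
#     scripts a compromised package ships) while the signing certificate and
#     notarisation credentials are already in its environment, and the
#     dependency set is resolved fresh rather than from a lockfile.
name: release-risky
on: [push]
jobs:
  build-and-sign:
    runs-on: macos-latest
    env:                                          # visible to EVERY step, including npm install
      APPLE_CERT_P12: ${{ secrets.APPLE_CERT_P12 }}
      APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
      NOTARY_API_KEY: ${{ secrets.NOTARY_API_KEY }}
    steps:
      - uses: actions/checkout@v4
      - run: npm install                          # picks latest matching version; runs postinstall hooks
      - run: npm run build
      - run: ./scripts/sign.sh dist/              # hypothetical signing script
---
# --- Hardened shape: the job that executes third-party code holds no secrets;
#     only the built artifact crosses to a second job, and the signing material
#     is exposed to the single step that needs it.
name: release-hardened
on:
  push:
    tags: ['v*']
permissions:
  contents: read                                  # least-privilege default token
jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4                 # pin third-party actions to a commit SHA in practice
      - run: npm ci --ignore-scripts              # exact lockfile versions, no lifecycle scripts executed
      - run: npm run build
      - uses: actions/upload-artifact@v4
        with:
          name: app-bundle
          path: dist/
  sign:
    needs: build
    runs-on: macos-latest
    environment: release                          # protected environment gating access to the secrets
    steps:
      - uses: actions/download-artifact@v4
        with:
          name: app-bundle
          path: dist/
      - name: Sign and notarise
        env:                                      # secrets scoped to this step only
          APPLE_CERT_P12: ${{ secrets.APPLE_CERT_P12 }}
          APPLE_CERT_PASSWORD: ${{ secrets.APPLE_CERT_PASSWORD }}
          NOTARY_API_KEY: ${{ secrets.NOTARY_API_KEY }}
        run: ./scripts/sign.sh dist/              # hypothetical; no package installation happens in this job
```

The point of the split is that a malicious dependency executing during `npm install` can read anything in its process environment, so the signing job should never be the one that resolves or installs packages. Pinning through the lockfile and `--ignore-scripts` reduces, but does not remove, the exposure; the job boundary and step-scoped secrets are what keep certificate material out of reach of third-party code.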

As a precautionary measure, the company is updating its security certifications and is requiring all macOS users to update their OpenAI applications to the latest versions.

The update is designed to reduce the risk of fake application distribution, a threat that becomes more acute when certificate integrity is in question.

OpenAI warned that older versions of its macOS apps will soon stop receiving updates and support, and may eventually stop functioning altogether.

The incident is part of a pattern of suspected North Korean state-linked actors targeting software supply chains to gain access to widely distributed codebases, a technique that can affect large numbers of downstream users without directly breaching their systems.

The recap

  • OpenAI identified a security issue involving the Axios developer tool.
  • A GitHub Actions workflow downloaded a "malicious" version of Axios.
  • Older macOS app versions will stop receiving updates and support.