OpenAI credential-stealing malware found hidden inside popular Codex tool
Source: Cybernews
Published:
<p>A popular Codex tool used by thousands of developers has been secretly stealing users’ login tokens for the past month – all by triggering the installation of a malicious npm package – and it’s still available for download on Google Play as of today.</p> <p>Aikido Security researcher Charlie Erik