OpenAI Issues Urgent Security Update Following Axios Compromise

Severity: High (Score: 66.7)

Sources: Aol, Rootdata, www.benzinga.com, Seekingalpha, Panewslab

Summary

OpenAI has identified a security issue involving the third-party developer library Axios, which was compromised on March 31, 2026, as part of a broader software supply chain attack. The attack did not result in any user data being accessed, nor were OpenAI's systems or software altered. OpenAI is updating its security certifications and requiring all macOS users to update their applications to the latest versions to mitigate the risk of counterfeit software. The compromised GitHub Actions workflow had access to sensitive signing materials for macOS applications, including ChatGPT Desktop and Codex. OpenAI is treating the signing certificate as compromised, even though it likely was not successfully exfiltrated. Effective May 8, 2026, older versions of the macOS applications will no longer receive updates or support. The incident highlights the increasing risk of supply chain attacks targeting trusted third-party tools. Key Points: • OpenAI's Axios library was compromised in a supply chain attack on March 31, 2026. • No user data or systems were compromised, but OpenAI is revoking its signing certificate. • All macOS users must update their applications by May 8, 2026, to avoid using unsupported versions.

Key Entities

• Data Breach (attack_type)
• Supply Chain Attack (attack_type)
• OpenAI (company)
• North Korea (country)
• benzinga.com (domain)
• htdigital.in (domain)
• T1036 - Masquerading (mitre_attack)
• T1105 - Ingress Tool Transfer (mitre_attack)
• T1195 - Supply Chain Compromise (mitre_attack)
• T1553.001 - Gatekeeper Bypass (mitre_attack)
• Android (platform)
• Axios (platform)
• IOS (platform)
• Linux (platform)
• MacOS (platform)
• GitHub Actions (tool)