Codex - Tool

Threat entity extracted from intelligence sources

Frequency
33
occurrences
First Seen
November 5, 2025
Last Seen
July 7, 2026

Codex is a tool tracked across 24 threat clusters and 33 intelligence report mentions on ThreatCluster. First observed November 5, 2025; most recent activity July 7, 2026.

Related Threat Clusters

  • OpenAI Codex Fails to Mitigate Linux Threats During Cyber Incident

    A Linux user attempted to use OpenAI's Codex AI agent for incident response during a cyberattack but faced significant challenges. The user was unaware that at least two threat actors had compromised their system,…

    2 articles · Updated April 22, 2026
  • Critical ChatGPT Data Leak Exploited via DNS Channel

    A recently discovered vulnerability in ChatGPT allowed attackers to exfiltrate sensitive user data through a covert DNS channel. Researchers from Check Point found that a single malicious prompt could activate this…

    13 articles · Updated March 30, 2026
  • AI Agents Used in Cyber Attacks on 14 Companies

    A low-skilled attacker exploited AI agents Claude and Codex to breach 14 companies. Researchers from OALABS analyzed over 1,000 sessions from a compromised server, revealing how the attacker bypassed security measures…

    11 articles · Updated June 17, 2026
  • AI Codex Exploits Samsung TV Vulnerability for Root Access

    An AI coding assistant, Codex, has demonstrated the ability to gain root access on Samsung Smart TVs by exploiting vulnerabilities in the KantS2 Tizen firmware. The attack leveraged world-writable kernel drivers,…

    4 articles · Updated April 14, 2026
  • Tenzai Enhances AI Security Testing for Modern Applications

    Tenzai, a leading autonomous offensive security company, has expanded its AI hacker capabilities to include AI applications, addressing vulnerabilities in web, API, and AI application layers. This move comes as Gartner…

    2 articles · Updated June 1, 2026
  • New GitHub Exploit Allows AI Coding Agents to Execute Malicious Payloads

    Researchers from Mozilla's 0DIN have demonstrated a new attack vector that allows AI coding agents, specifically Anthropic's Claude Code, to execute malicious payloads from seemingly benign GitHub repositories. The…

    54 articles · Updated June 28, 2026
  • Apple Accelerates Security Updates Amid AI-Driven Cyber Threats

    Apple has released iOS 26.5.2, iPadOS 26.5.2, and macOS 26.5.2 earlier than planned to address over 30 security vulnerabilities, primarily affecting WebKit and the operating system kernel. This decision was made in…

    50 articles · Updated June 29, 2026
  • OpenAI Launches GPT-5.4-Cyber Amidst Cybersecurity Arms Race

    OpenAI has introduced GPT-5.4-Cyber, a specialized AI model for defensive cybersecurity, available only to vetted professionals through its Trusted Access for Cyber (TAC) program. This model is designed to facilitate…

    232 articles · Updated April 14, 2026
  • OpenAI Launches Cybersecurity Initiative in South Korea

    On May 27, 2026, OpenAI announced its inclusion of South Korea in its cybersecurity program, allowing access to advanced AI models for cyber defense. The initiative, known as the Korea Cyber Action Plan, aims to enhance…

    8 articles · Updated May 27, 2026
  • OpenClaw Ecosystem Faces Ongoing Security Vulnerabilities

    The OpenClaw ecosystem, previously known as ClawdBot and Moltbot, is experiencing significant security vulnerabilities, including bot takeover and remote code execution (RCE) exploits. Security researchers, including…

    298 articles · Updated February 2, 2026

Recent Intelligence Reports

  • GitLost: a public GitHub issue can steer an org's Agentic Workflow into leaking private repo contents, and a one-word prefix ("Additionally") bypassed the threat — Reddit · July 7, 2026
  • Apple Fixes WebKit Flaws in iOS and macOS, With Help From AI Tools — Securityaffairs.Co · June 30, 2026
  • Low-skilled attacker used Claude, Codex to breach 14 companies — Feeds2.Feedburner · June 17, 2026
  • Hackers Using Claude and OpenAI’s Codex for Exploitation, and Data Exfiltration Activities — Cybersecuritynews · June 17, 2026
  • NewCore has emerged from stealth with $66 million in funding — newcore.com · June 15, 2026
  • As AI agents become employees, NewCore emerges with $66M to give them identities — Techcrunch · June 15, 2026
  • Tenet Security Reveals Agentjacking Exploit Against Coding Agents | Let's Data Science — Letsdatascience · June 12, 2026
  • New “Agentjacking” Attacks Could Hijack AI Coding Agents — Infosecurity-Magazine · June 11, 2026

CVSS v3.1 Breakdown