Recently, OpenAI announced that due to a cyberattack on the third-party development library Axios, which it relies on, it has decided to update its security certificate to ensure the safety of user data. According to an OpenAI blog post, hackers successfully infiltrated the account of Axios maintainers and injected a malicious script, which could potentially allow remote access to Windows, macOS, and Linux devices.

The root cause of this incident can be traced back to March 31, 2026 (UTC), when Axios, a widely used third-party development library, became part of a larger-scale software supply chain attack. During the signing process for OpenAI's macOS applications, a GitHub Actions workflow downloaded and executed a maliciously tampered version of Axios (1.14.1). This workflow had access to the certificates and authentication materials used to sign macOS applications, including ChatGPT Desktop, Codex, Codex-cli, and Atlas.
The purpose of this certificate is to assure users that the software comes from the legitimate developer, OpenAI. To address this issue, OpenAI took swift action, releasing an updated version and replacing the relevant certificates to reduce the risk of potential attacks. Users should update their applications as soon as possible to ensure they are using a secure version and avoid potential security risks.
In its statement, OpenAI reiterated the importance of protecting user information, stating that it will continue to monitor and enhance system security to prevent such incidents from recurring. OpenAI also reminded users to stay vigilant and to regularly check and update their software to safeguard their personal data.
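For teams that run Axios in their own build or signing pipelines, the following added example (not code from OpenAI or the Axios project) checks a parsed npm lockfile for the tampered release 1.14.1 named above, including nested and aliased installs. The sample lockfile, its package names and the 1.13.0 version are constructed for illustration.

```javascript
// Added example: flag the tampered Axios release from the article in an npm lockfile.
// Only the version 1.14.1 comes from the article; everything else is an assumption.
const FLAGGED = { name: 'axios', versions: new Set(['1.14.1']) };

// Return every lockfile entry that resolves to a flagged axios version.
function findCompromised(lock) {
  const found = [];
  const check = (name, version, path) => {
    if (name === FLAGGED.name && FLAGGED.versions.has(version)) {
      found.push({ path, version });
    }
  };
  // lockfileVersion 2/3: flat "packages" map keyed by install path.
  // An aliased install keeps the real package name in "name".
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = meta.name || path.split('node_modules/').pop();
    check(name, meta.version, path);
  }
  // lockfileVersion 1: nested "dependencies" tree (skipped when "packages"
  // exists, because v2 lockfiles carry both views of the same tree).
  const walk = (deps, prefix) => {
    for (const [name, meta] of Object.entries(deps || {})) {
      const path = `${prefix}node_modules/${name}`;
      check(name, meta.version, path);
      walk(meta.dependencies, `${path}/`);
    }
  };
  if (!lock.packages) walk(lock.dependencies, '');
  return found;
}

// Constructed sample: one clean top-level axios, one flagged transitive copy,
// and one flagged copy installed under an alias.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'signing-job', version: '0.0.0' },
    'node_modules/axios': { version: '1.13.0' },
    'node_modules/uploader/node_modules/axios': { version: '1.14.1' },
    'node_modules/http-client': { name: 'axios', version: '1.14.1' },
  },
};

for (const hit of findCompromised(sampleLock)) {
  console.log(`FLAGGED ${hit.path} -> axios@${hit.version}`);
}
```

In a pipeline, pass the parsed contents of `package-lock.json` to `findCompromised` and fail the job on any hit before a step that can reach signing credentials runs.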
Key Points:
🌐 A hacker attack led to the tampering of the Axios library, posing a potential security risk to user devices.
🔒 OpenAI has updated the certificate and released a new version of the application to reduce potential risks.
⚠️ Users should update their applications as soon as possible to ensure safe usage.
