- Our response to the Axios developer tool compromise | OpenAI
OpenAI responds to the Axios supply chain attack by rotating macOS code signing certificates, updating apps, and confirming no user data was compromised
- OpenAI identifies security issue involving third-party tool - CNBC
OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are
- OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain . . .
OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing potential software misuse
- OpenAI says a system downloaded infected Axios software
OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently infected, legitimate open-source software library Why it matters: The incident could have allowed hackers to exfiltrate a certificate that could make phony OpenAI apps look legitimate — although OpenAI says it hasn't seen this happen
- OpenAI Unveils Supply Chain Incident with Popular JavaScript Library Axios!
OpenAI has disclosed a security breach involving an attack on the widely-used Axios JavaScript library, linked to potential North Korean actors Despite the intrusion affecting GitHub Actions workflows for OpenAI applications, there's confirmation that no user data, certificates, or systems were compromised The breach highlights broader supply-chain vulnerabilities and OpenAI's swift measures
- OpenAI Strengthens Security After Axios Library Compromise
OpenAI discovered a security breach linked to Axios, a third-party developer tool The company reassured that user data and intellectual property remained secure and quickly addressed the issue Amidst a broader supply chain attack, OpenAI swiftly updated their security protocols for macOS applications to avert any possible risks
- OpenAI responds to Axios HTTP hack by updating security certificates.
On March 31, 2026 (UTC), Axios, a widely used third-party developer library, was compromised as part of a broader software supply chain attack At that time, a GitHub Actions workflow we use in
|