HeadlinesBriefing.com

OpenAI Addresses Axios Developer Tool Compromise, Rotates macOS Code Signing Certificate

Hacker News

OpenAI identified a security issue tied to the third-party developer tool Axios, part of a broader software supply chain attack. On March 31, 2026, a GitHub Actions workflow used to sign macOS apps downloaded a malicious Axios version (1.14.1), potentially exposing the company’s code signing certificate. Though no evidence of data breaches or IP theft was found, OpenAI proactively revoked the compromised certificate and mandated updates for all macOS users by May 8, 2026. Affected apps include ChatGPT Desktop, Codex App, Codex CLI, and Atlas, with older versions losing support after the cutoff date.

The breach originated from a misconfigured GitHub Actions workflow lacking safeguards, which allowed the malicious Axios payload to execute. OpenAI engaged a third-party forensics firm to investigate and worked with Apple to block future notarizations using the old certificate. While no misuse has been detected, the company emphasized updating apps via official channels to avoid risks from spoofed software. Users are warned against third-party installers and urged to monitor for updates.
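The incident turned on a CI job resolving a newly published dependency version that nobody had reviewed. The defensive counterpart is to treat the lockfile as the source of truth and to check it for known-bad releases before any signing step runs. The script below is an added example written for this briefing, not OpenAI's tooling or the Axios project's code. It reads an npm lockfile in either the lockfileVersion 1 layout (nested `dependencies`) or the v2/v3 layout (flat `packages` map), reports any installed package whose version is on a block list, and separately flags `package.json` specs that are ranges rather than exact pins. The only version on the block list is the 1.14.1 release named above; the sample lockfile, project name and second dependency are constructed for the demonstration.

```python
"""Lockfile check for a known-bad npm dependency release (added example)."""
import json
import re
from typing import Dict, Iterable, Iterator, List, Tuple

# Version named in the briefing. A real deployment would load an advisory feed.
KNOWN_BAD: Dict[str, set] = {"axios": {"1.14.1"}}

# Any of these in a semver spec makes it a range: a fresh `npm install`
# without a committed lockfile may resolve it to whatever newest version matches.
_RANGE_SPEC = re.compile(r"[\^~*xX><|\s]|^latest$|^$")

Entry = Tuple[str, str, str]  # (install path, package name, version)


def _walk_v1(deps: Dict, prefix: str) -> Iterator[Entry]:
    """Yield entries from a lockfileVersion 1 'dependencies' tree."""
    for name, meta in deps.items():
        path = f"{prefix}node_modules/{name}"
        yield path, name, meta.get("version", "")
        yield from _walk_v1(meta.get("dependencies", {}), path + "/")


def installed_packages(lockfile: Dict) -> Iterator[Entry]:
    """Yield every package the lockfile pins, whatever its lockfileVersion."""
    packages = lockfile.get("packages")
    if packages is not None:  # lockfileVersion 2 or 3
        for path, meta in packages.items():
            if not path:  # the empty key is the root project itself
                continue
            # Aliased packages carry an explicit "name"; otherwise it is the path tail.
            name = meta.get("name") or path.rsplit("node_modules/", 1)[-1]
            yield path, name, meta.get("version", "")
    else:  # lockfileVersion 1
        yield from _walk_v1(lockfile.get("dependencies", {}), "")


def find_bad_packages(lockfile: Dict, known_bad: Dict[str, set] = KNOWN_BAD) -> List[str]:
    """Return 'path@version' for every installed package on the block list."""
    return sorted(
        f"{path}@{version}"
        for path, name, version in installed_packages(lockfile)
        if version in known_bad.get(name, ())
    )


def unpinned_specs(package_json: Dict, names: Iterable[str]) -> List[str]:
    """Return watched dependencies whose declared spec is a range, not an exact pin."""
    watched = set(names)
    out = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in package_json.get(section, {}).items():
            if name in watched and _RANGE_SPEC.search(spec):
                out.append(f"{section}.{name}: {spec!r}")
    return sorted(out)


def scan_files(lock_path: str, package_json_path: str) -> Dict[str, List[str]]:
    """Run both checks against files on disk; suitable as a pre-signing CI gate."""
    with open(lock_path, encoding="utf-8") as fh:
        lock = json.load(fh)
    with open(package_json_path, encoding="utf-8") as fh:
        pkg = json.load(fh)
    return {"blocked": find_bad_packages(lock), "unpinned": unpinned_specs(pkg, KNOWN_BAD)}


# Constructed sample data (lockfileVersion 3 shape); not taken from any real project.
SAMPLE_LOCK = {
    "name": "signing-helper",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "signing-helper", "version": "0.1.0",
             "dependencies": {"axios": "^1.14.0", "semver": "7.6.0"}},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/semver": {"version": "7.6.0"},
        # A second, nested copy of axios at an unlisted version must not be flagged.
        "node_modules/some-tool/node_modules/axios": {"version": "1.7.9"},
    },
}
SAMPLE_LOCK_V1 = {  # constructed, same dependency tree in lockfileVersion 1 layout
    "lockfileVersion": 1,
    "dependencies": {
        "axios": {"version": "1.14.1"},
        "some-tool": {"version": "2.0.0", "dependencies": {"axios": {"version": "1.7.9"}}},
    },
}
SAMPLE_PACKAGE_JSON = {"dependencies": {"axios": "^1.14.0", "semver": "7.6.0"}}

if __name__ == "__main__":
    print("blocked:", find_bad_packages(SAMPLE_LOCK))
    print("unpinned:", unpinned_specs(SAMPLE_PACKAGE_JSON, KNOWN_BAD))
```

Running the check only helps if the workflow installs exactly what the lockfile says, so pair it with `npm ci` (which refuses to proceed when `package.json` and `package-lock.json` disagree) rather than `npm install`, and run it before the step that touches the signing identity, so a flagged dependency fails the job before any certificate is used.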

The required app versions are the earliest releases signed with the updated certificate. OpenAI confirmed no unauthorized modifications to existing software and stated that macOS security protections will block untrusted apps once the revocation takes effect. The incident underscores vulnerabilities in developer tool ecosystems and the critical role of secure supply chain practices. Technical details and FAQs are available on OpenAI’s website.