When a Mac flags the ChatGPT app as malware, users notice the program moved to Trash and refuses to launch. The warning comes from macOS’s built‑in Xprotect, which scans every app for malicious code. The alert isn’t a judgment on ChatGPT itself; it’s macOS protecting the system.

Since 2022, Xprotect has run periodic scans that flag unsigned or re‑certified binaries. OpenAI switched the ChatGPT installer’s notarization certificate amid a third‑party tool incident, causing Xprotect to mark the app as suspect. The change prompted users to re‑download from the developer to restore notarization.

Apple’s Xprotect logic bases trust on a certificate chain; when the chain breaks, the app is quarantined. OpenAI clarified no malware was injected and urged users to update by May 8, 2026. Those who missed the deadline now face a forced reinstall, which safeguards against potential impersonator attacks.

Users should delete any cached copies, then download the latest build from OpenAI’s official site. The reinstall restores the correct notarization, allowing the app to launch normally. This episode underscores the importance of certificate management in macOS security and reminds developers to coordinate updates with Apple’s notarization timeline.