
April 11, 2026

OpenAI flags software supply chain scare

The incident could have allowed hackers to exfiltrate a certificate that could make phony OpenAI apps look legitimate.

TL;DR

  • OpenAI found evidence of a compromised update downloaded by an internal tool from an infected open-source library.
  • Hackers had hijacked accounts to publish malicious updates to the Axios JavaScript library.
  • The compromised update could have allowed hackers to exfiltrate a certificate for signing macOS applications.
  • This could have enabled the creation of phony OpenAI apps that appear legitimate.
  • OpenAI states there is no evidence of user data, intellectual property, or internal systems being compromised.
  • AI companies are becoming targets for software supply chain attacks.
  • OpenAI will stop supporting older macOS app versions on May 8 due to the incident.
