OpenAI macOS Security Incident: Updates Required for All Users
- OpenAI macOS apps compromised via malicious Axios library update
- No evidence of data breach or unauthorized system access detected
- Users must update desktop apps before May 8 to maintain access
In the complex world of software development, supply chain attacks have become a significant concern for organizations large and small. OpenAI recently encountered this challenge when a widely used developer tool called Axios—a library developers use to simplify how apps make requests over the internet—was compromised as part of a broader, industry-wide incident. This event serves as a stark reminder that even the most advanced AI organizations rely on a sprawling web of third-party code, each piece acting as a potential entry point for security threats.
Specifically, the issue occurred within a GitHub Actions workflow—a set of automated instructions that helps developers test and deploy their software. On March 31, 2026, an automated process inadvertently downloaded a malicious version of the Axios library. Because this specific workflow managed the digital signatures for OpenAI's macOS applications, it briefly held the keys required to notarize software, essentially the digital 'seal of approval' that tells your Mac that an application is safe to run and comes from a trusted developer.
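The failure mode described above is an automated job resolving a dependency to a release nobody reviewed. As an added example (not OpenAI's code and not a description of their actual workflow), here is a lockfile audit a build pipeline could run before `npm ci`, flagging packages without an integrity hash, packages resolved from outside the expected registry, and sensitive packages whose locked version drifted from a pin. The lockfile contents, registry host and pinned version are constructed assumptions.

```javascript
// Added example: audit an npm package-lock.json (lockfile v3 layout) for the
// conditions that let a CI job install an unexpected package version.
// Registry host and pins are assumptions, not values from the incident.
const ALLOWED_REGISTRY = "https://registry.npmjs.org/";

// Packages the build treats as sensitive: the lockfile must resolve them to
// exactly these versions (assumed sample pin, not a real project's setting).
const PINNED = { axios: "1.6.8" };

// Constructed lockfile fragment; integrity strings are placeholders.
const SAMPLE_LOCK = {
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": { name: "example-app", dependencies: { axios: "^1.6.0", "left-pad": "1.3.0" } },
    "node_modules/axios": {
      version: "1.6.8",
      resolved: "https://registry.npmjs.org/axios/-/axios-1.6.8.tgz",
      integrity: "sha512-CONSTRUCTEDPLACEHOLDER==",
    },
    "node_modules/follow-redirects": {
      version: "1.15.6",
      resolved: "https://mirror.example.invalid/follow-redirects-1.15.6.tgz", // off-registry
      integrity: "sha512-CONSTRUCTEDPLACEHOLDER==",
    },
    "node_modules/left-pad": { // no integrity field at all
      version: "1.3.0",
      resolved: "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
    },
  },
};

// Returns a list of human-readable findings; an empty list means the lockfile
// passed. Pass the parsed JSON of package-lock.json as `lock`.
function auditLockfile(lock, allowedRegistry = ALLOWED_REGISTRY, pinned = PINNED) {
  const findings = [];
  if (!lock.lockfileVersion || lock.lockfileVersion < 2 || !lock.packages) {
    findings.push("lockfile too old: no 'packages' map with resolved/integrity");
    return findings;
  }
  for (const [path, entry] of Object.entries(lock.packages)) {
    if (path === "") continue; // root project entry, not a fetched package
    const marker = "node_modules/";
    const name = path.slice(path.lastIndexOf(marker) + marker.length); // handles nested and @scoped paths
    if (!entry.integrity) findings.push(`${name}: missing integrity hash`);
    if (!entry.resolved || !entry.resolved.startsWith(allowedRegistry)) findings.push(`${name}: resolved outside ${allowedRegistry}`);
    if (name in pinned && entry.version !== pinned[name]) findings.push(`${name}: version ${entry.version} differs from pin ${pinned[name]}`);
  }
  return findings;
}
```

A lockfile only protects the build if the job installs with `npm ci` (which refuses to deviate from the lockfile) rather than `npm install`, which may rewrite it.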
While OpenAI’s internal investigations have turned up no evidence that user data was accessed or that the malicious actors managed to successfully exfiltrate the signing certificates, the company is prioritizing caution. They have effectively 'rotated' these digital certificates, meaning they have invalidated the old ones and issued new, secure ones. For the everyday user, this has one clear, unavoidable consequence: if you use ChatGPT Desktop, Codex, or Atlas on your Mac, you must update your software immediately.
The timeline here is critical. After May 8, 2026, older versions of these applications signed with the now-compromised certificates will no longer be supported and will likely stop working altogether, because the operating system will begin blocking them. This proactive step helps ensure that if a bad actor had somehow managed to sign their own malicious software using the old certificate, their programs would be rejected by your computer's security features. It is a textbook example of how modern software security relies on rapid incident response and clear communication to maintain trust in an interconnected digital ecosystem.