
Addressing the Axios Developer Tool Compromise in OpenAI's macOS App Signing Process

12 April 2026 by TechStora Editorial Board

Security Risks from Axios Developer Tool Compromise in macOS Apps

On March 31, 2026, a widely reported compromise of Axios, the popular JavaScript HTTP client library distributed through npm, highlighted how fragile the software supply chain can be. OpenAI determined that a malicious release of Axios had been pulled into the workflow that signs its macOS apps and responded with precautionary measures. Although it found no evidence that user data was accessed or that any shipped software was altered, OpenAI is taking steps to ensure the integrity of its applications.

Technical Solution: Updating macOS Application Security Certificates

The primary response was to revoke the macOS app-signing certificates and rotate to new ones. These certificates are what macOS uses to confirm that an app originates from OpenAI and has not been tampered with since it was signed. Revoking the old identity means that any binary signed with it, including one an attacker could produce if the key had in fact been exposed, is no longer accepted by Gatekeeper once the revocation propagates. The rotation therefore closes off the possibility of malicious actors distributing fake applications under OpenAI's name, even though that risk is considered unlikely.

Effective May 8, 2026, older versions of OpenAI's macOS applications, including ChatGPT Desktop, Codex, Codex CLI, and Atlas, will no longer receive updates or support. Users must upgrade to the latest versions, which carry the new signature, to maintain security and functionality.

Analysis of the Axios Incident

The root cause was traced to version 1.14.1 of the Axios library, which was pulled into OpenAI's GitHub Actions workflow. That workflow downloads and executes dependencies as part of the macOS app-signing process, so a malicious package running there had an opportunity to reach signing and notarization material. The malicious payload did attempt to abuse the process, but analysis indicates that the certificate and notarization credentials were not successfully exfiltrated.

The timing of the payload's execution, the point at which it was injected into the workflow, and other mitigating technical controls likely thwarted the attack. The absence of evidence of exfiltration is not proof that the key was never exposed, however, so OpenAI opted to treat the certificate as compromised and eliminate the residual risk.

Steps for Users to Update macOS Applications

Users can update their macOS applications through the in-app update mechanism, which downloads the latest signed versions of the affected applications, or by downloading them from OpenAI's official channels. Either route avoids unofficial or potentially compromised sources; a build obtained from anywhere else should be treated with suspicion.

Updating to the newest versions of these applications ensures continued security and compatibility. Users are strongly encouraged to act promptly to avoid disruptions in app functionality and to maintain a secure environment for their interactions with OpenAI software.

OpenAI's Commitment to Security and Transparency

OpenAI emphasizes its dedication to the security and privacy of its users. Transparency has been a cornerstone of its response to this incident, with a detailed analysis and prompt action taken to address potential risks. By sharing technical details and offering direct update paths, OpenAI demonstrates its proactive approach to safeguarding its ecosystem.

The organization also plans to continue monitoring its supply chain dependencies and app-signing workflows to prevent future incidents. This includes additional hardening of security controls and regular audits to ensure the resilience of its processes against evolving threats.

Future Preventative Measures in Software Supply Chain Security

To minimize the risk of similar incidents, OpenAI is implementing stricter controls on third-party dependencies. These include enhancing the review processes for external libraries, strengthening monitoring of automated workflows, and deploying advanced tools for threat detection during the development pipeline.
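The incident analysis above describes a build workflow that downloads and executes dependencies, and this section describes tighter review of third-party libraries. One concrete control that serves both is to audit the npm lockfile before a CI job runs `npm ci`. The following is an added example, not OpenAI's workflow or code: it flags the release the article names (axios 1.14.1), tarballs resolved from hosts other than the npm registry, entries without an integrity hash, packages that declare install scripts, and direct dependencies that are given as ranges rather than exact versions. The lockfile data is constructed for the example, and the blocklist is assumed to come from an advisory feed in a real pipeline.

```python
"""Audit an npm lockfile before a CI job installs and runs its dependencies.

Added example, not OpenAI's workflow or code. It assumes the build installs from
a lockfileVersion 2 or 3 package-lock.json (the "packages" map npm 7+ writes).
The blocklist holds only the release the article names; a real pipeline would
feed it from an advisory database.
"""
from __future__ import annotations

import re
from urllib.parse import urlparse

# Constructed blocklist: the article reports axios 1.14.1 as the malicious release.
BLOCKED = {("axios", "1.14.1")}
TRUSTED_HOSTS = {"registry.npmjs.org"}
EXACT_VERSION = re.compile(r"^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$")


def package_name(path: str, meta: dict) -> str:
    """Aliased packages carry an explicit name; otherwise it follows the last node_modules/."""
    return meta.get("name") or path.rsplit("node_modules/", 1)[-1]


def audit_lockfile(lock: dict, blocked=BLOCKED, trusted_hosts=TRUSTED_HOSTS) -> list[str]:
    """Return one finding per problem; an empty list means the lockfile passed."""
    findings = []
    if lock.get("lockfileVersion", 0) < 2:
        return ["lockfileVersion < 2: no per-package metadata; regenerate with npm >= 7"]
    for path, meta in lock.get("packages", {}).items():
        if path == "" or meta.get("link"):
            continue  # root project entry, or a workspace symlink that is never fetched
        name, version = package_name(path, meta), meta.get("version")
        if (name, version) in blocked:
            findings.append(f"{path}: {name}@{version} is a known-malicious release")
        resolved = meta.get("resolved")
        host = urlparse(resolved).hostname if resolved else None
        if host is None:
            findings.append(f"{path}: no 'resolved' URL, tarball source unknown")
        elif host not in trusted_hosts:
            findings.append(f"{path}: resolved from untrusted host {host}")
        if not meta.get("integrity"):
            findings.append(f"{path}: no integrity hash, a substituted tarball would go unnoticed")
        if meta.get("hasInstallScript"):
            findings.append(f"{path}: declares install scripts; use npm ci --ignore-scripts or vet them")
    return findings


def unpinned_dependencies(package_json: dict) -> list[str]:
    """Direct dependencies whose spec is a range rather than an exact version."""
    out = []
    for section in ("dependencies", "devDependencies"):
        for name, spec in package_json.get(section, {}).items():
            if not EXACT_VERSION.match(spec):
                out.append(f"{name}: {spec}")
    return out


# Constructed lockfile, not a real one; package names other than axios are invented.
SAMPLE_LOCK = {
    "name": "macos-signer", "lockfileVersion": 3, "requires": True,
    "packages": {
        "": {"name": "macos-signer", "version": "1.0.0",
             "dependencies": {"axios": "^1.14.0", "example-util": "2.0.0"}},
        "node_modules/axios": {
            "version": "1.14.1",
            "resolved": "https://registry.npmjs.org/axios/-/axios-1.14.1.tgz",
            "integrity": "sha512-constructedhash"},
        "node_modules/example-util": {
            "version": "2.0.0",
            "resolved": "https://mirror.example.net/example-util-2.0.0.tgz"},
        "node_modules/native-helper": {
            "version": "0.3.1",
            "resolved": "https://registry.npmjs.org/native-helper/-/native-helper-0.3.1.tgz",
            "integrity": "sha512-constructedhash", "hasInstallScript": True},
    },
}

if __name__ == "__main__":
    for finding in audit_lockfile(SAMPLE_LOCK):
        print("lockfile:", finding)
    for finding in unpinned_dependencies(SAMPLE_LOCK["packages"][""]):
        print("unpinned:", finding)
```

Run it as a workflow step before the install, and fail the job on any finding. Exact versions in package.json are defence in depth; what actually pins the build is the lockfile together with `npm ci`, which refuses to run when the lockfile and package.json disagree and never rewrites the lockfile, whereas a plain `npm install` in CI can silently pull in a newer release.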

Collaborating with the broader tech community, OpenAI aims to contribute to industry-wide awareness of supply chain security risks. By adopting these measures, the organization reaffirms its commitment to staying ahead of emerging challenges in the cybersecurity landscape.