Supply Chain Attack Compromises OpenAI Systems
OpenAI has confirmed that two employee devices within its corporate network were compromised as part of the TanStack supply chain attack, an incident tracked under the name Mini Shai Hulud. The company disclosed that the malicious activity resulted in unauthorized access to a limited number of internal source code repositories accessible to the affected employees. According to OpenAI, no user data, production systems, or intellectual property were altered or accessed without authorization during the incident.
Impact and Remediation Efforts
In response to the breach, OpenAI moved quickly to isolate affected systems and revoke user sessions. The company rotated all credentials across the impacted repositories and temporarily restricted code deployment workflows while auditing user and credential behavior. Investigators observed activity consistent with the malware's known behavior, including credential-focused exfiltration attempts. OpenAI confirmed that only limited credential material was successfully transferred from these repositories, with no other code or information compromised.
Mandatory macOS Updates Required
Because the affected repositories contained signing certificates for iOS, macOS, and Windows products, OpenAI has revoked those certificates and issued replacements. As a result, macOS users of ChatGPT Desktop, Codex App, Codex CLI, and Atlas must update their applications to the latest versions. OpenAI stated that this measure rules out even the remote possibility of someone distributing fake apps that appear to be from OpenAI. The certificate revocation is scheduled for June 12, 2026, after which macOS's built-in protections will block downloads and launches of apps signed with the old certificates. Windows and iOS apps are not affected. This marks the second time OpenAI has rotated its macOS code signing certificates within two months.
Source: The Hacker News
