TanStack Supply Chain Attack Hits Two OpenAI Employee Devices, Forces macOS Updates

A TanStack supply chain attack compromised two OpenAI employee devices. OpenAI revoked and reissued code-signing certificates for ChatGPT Desktop, Codex, and Atlas; macOS users must update before June 12.


What’s new: OpenAI reported that two employee devices were compromised in the supply chain attack targeting TanStack. The intruders gained unauthorized access to internal source code repositories, and the exfiltration focused on credentials. OpenAI states that no user data, production systems, or intellectual property were compromised. As a precaution, the company revoked and reissued the code-signing certificates for its macOS applications; because builds signed with the revoked certificates are expected to stop launching once the revocation takes effect, users must update to builds signed with the new certificates.

Who’s affected

OpenAI employees whose devices were compromised, and users of OpenAI's macOS applications, namely ChatGPT Desktop, the Codex app, Codex CLI, and Atlas, are affected. The campaign is not limited to OpenAI: other organizations named in connection with the same TanStack supply chain attack, including UiPath, Mistral AI, OpenSearch, and Guardrails AI, may also be impacted.

What to do

  • macOS users of OpenAI applications should update to the latest versions before June 12, 2026; builds signed with the revoked certificates are not expected to keep working after that date.
  • Check source code repository audit logs for unauthorized access and for credential use from unfamiliar hosts or sessions.
  • Rotate any credentials (access tokens, deploy keys, CI secrets) that were stored in or reachable from potentially affected repositories or developer devices.
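After a certificate rotation like the one described above, a practitioner wants to confirm which signing identity an installed build actually carries and whether Gatekeeper still accepts it. The shell script below is an added example written for this page, not code from OpenAI or from the original article. The application path, the expected Team ID, and the sample `codesign` output embedded in it are constructed placeholders, not values taken from the advisory.

```shell
#!/bin/sh
# Added example (not OpenAI's code): inspect the code-signing identity of an
# installed macOS app after a certificate rotation. All identifiers below
# (Example Corp, ABCDE12345, com.example.app) are constructed placeholders.

# Pull the TeamIdentifier= line out of `codesign -dv --verbose=4` output.
team_id_from_codesign() {
  printf '%s\n' "$1" | sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# The first Authority= line is the leaf (signing) certificate's subject name.
leaf_authority_from_codesign() {
  printf '%s\n' "$1" | sed -n 's/^Authority=//p' | head -n 1
}

# True when the signer's Team ID equals the expected one.
signer_matches() {
  [ "$(team_id_from_codesign "$1")" = "$2" ]
}

# Live check, macOS only: run codesign and spctl against an installed bundle.
# Usage: check_app /Applications/Example.app ABCDE12345
check_app() {
  app="$1"
  expected_team="$2"
  # codesign writes its description to stderr, hence 2>&1.
  out=$(codesign -dv --verbose=4 "$app" 2>&1) || {
    echo "codesign could not read a signature from $app"; return 1; }
  echo "Leaf certificate : $(leaf_authority_from_codesign "$out")"
  echo "Team ID          : $(team_id_from_codesign "$out")"
  if ! signer_matches "$out" "$expected_team"; then
    echo "Team ID does not match expected $expected_team"; return 1
  fi
  # The Team ID stays the same when a certificate is reissued, so record the
  # leaf certificate's serial and expiry to tell old and new builds apart.
  # --extract-certs writes codesign0 (leaf), codesign1, ... to the current dir.
  tmp=$(mktemp -d)
  (cd "$tmp" && codesign -d --extract-certs "$app" 2>/dev/null) &&
    openssl x509 -inform DER -in "$tmp/codesign0" -noout -serial -enddate
  rm -rf "$tmp"
  # Gatekeeper's verdict; a revoked signing certificate shows up here.
  codesign --verify --deep --strict "$app" 2>&1 &&
    spctl --assess --type execute --verbose "$app" 2>&1
}

# Constructed sample shaped like `codesign -dv --verbose=4` output, used so the
# parsing functions can be exercised on a machine without codesign.
SAMPLE_OUTPUT='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded
Hash type=sha256 size=32
Signature size=8990
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345
Runtime Version=14.0.0
Sealed Resources version=2 rules=13 files=42
Internal requirements count=1 size=212'

# Offline demonstration on the constructed sample.
echo "Sample leaf cert : $(leaf_authority_from_codesign "$SAMPLE_OUTPUT")"
echo "Sample Team ID   : $(team_id_from_codesign "$SAMPLE_OUTPUT")"

# Live check only on macOS and only when an app path was given.
if [ "$(uname -s)" = "Darwin" ] && [ -n "${1:-}" ]; then
  check_app "$1" "${2:-}"
fi
```

On macOS, invoke the script with the bundle path and the Team ID you expect (`sh check_signer.sh /Applications/Example.app ABCDE12345`; the file name is arbitrary). Because a reissued certificate keeps the same Team ID, the Team ID alone will not tell you whether you are running a build signed with the revoked certificate; the leaf certificate's serial number and the Gatekeeper assessment do, and the simplest remedy is still the one the advisory gives: update to the current release.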
