Mac ChatGPT App Gets Urgent Security Update After Supply Chain Threat Linked to North Korea

OpenAI urges all Mac users to update ChatGPT, Codex, and other apps after a supply chain attack on the Axios library, linked to North Korea. No user data was compromised. Older versions stop working after May 8, 2026.


What’s new: OpenAI has identified a security issue involving the third-party developer tool Axios, which was compromised as part of a software supply chain attack linked to North Korea. OpenAI confirmed that user data was not accessed and that neither its systems nor its intellectual property were compromised. The company is revoking its old macOS signing certificate and requiring all Mac users to update their OpenAI apps to the latest versions.

Who’s affected

All macOS users of OpenAI applications — specifically ChatGPT Desktop, Codex, Codex CLI, and Atlas — need to update their applications to maintain security and continued functionality.

What happened

On March 31, 2026, the Axios JavaScript library was compromised in a supply chain attack. A GitHub Actions workflow used by OpenAI in its macOS app-signing process inadvertently downloaded and executed a malicious version of the library. That workflow had access to sensitive signing infrastructure, including the certificates and notarization materials used to authenticate OpenAI’s macOS applications.

While investigators linked the attack to actors believed to be associated with North Korea, OpenAI’s own internal analysis found no evidence that the signing certificate was actually exfiltrated or misused — based on the timing of the payload execution and additional safeguards in place. OpenAI states there is no evidence that user data was accessed or that its software was altered.

As a precautionary measure, OpenAI has revoked the old signing certificate and is requiring all users to update to newly notarized versions of its Mac apps. If a malicious actor had obtained the old certificate, they could potentially have distributed fake but seemingly legitimate OpenAI applications.

What to do

  • Update all OpenAI macOS applications (ChatGPT, Codex, Codex CLI, Atlas) to the latest versions immediately.
  • Deadline: May 8, 2026 — older versions will stop receiving updates and may eventually stop working altogether.
  • Review any third-party tools integrated into your own development workflows for similar supply chain vulnerabilities.
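
As a starting point for the workflow review in the last item, the following added example (not from OpenAI or the original article) scans a GitHub Actions workflow for steps that can pull new third-party code at build time: actions not pinned to a commit SHA, `npm install` instead of `npm ci`, and `npx`. The article does not say how the malicious Axios version was resolved, so the rules, the sample workflow and every name in it are assumptions constructed for illustration.

```javascript
// Added example: heuristic audit of a GitHub Actions workflow (not OpenAI's code).
// A ref counts as pinned only if it ends in a 40-hex commit SHA or a sha256 digest.
const PINNED = /@([0-9a-f]{40}|sha256:[0-9a-f]{64})$/;

function auditWorkflow(text) {
  // Findings matter more when the same workflow can read secrets (e.g. signing keys).
  const usesSecrets = /\$\{\{\s*secrets\./.test(text);
  const severity = usesSecrets ? "high" : "medium";
  const findings = [];
  text.split("\n").forEach((raw, i) => {
    const line = raw.replace(/(^|\s+)#.*$/, "").trim(); // drop YAML comments
    const add = (rule) => findings.push({ line: i + 1, rule, severity, text: line });
    const uses = line.match(/^(?:-\s*)?uses:\s*(\S+)/);
    // Tags and branches are mutable; local ./ actions are skipped.
    if (uses && !uses[1].startsWith("./") && !PINNED.test(uses[1])) add("action-not-pinned-to-sha");
    // `npm install` / `npm i` can resolve and write new versions; `npm ci` installs only from the lockfile.
    if (/\bnpm\s+(install|i)\b/.test(line)) add("npm-install-instead-of-ci");
    // `npx <pkg>` downloads and runs a package that is not already installed.
    if (/\bnpx\s+\S/.test(line)) add("npx-fetches-at-build-time");
  });
  return { usesSecrets, findings };
}

// Constructed sample workflow; job, helper and secret names are hypothetical,
// and the 40-hex SHA is a made-up placeholder.
const SAMPLE_WORKFLOW = [
  "name: sign-macos",
  "on: push",
  "jobs:",
  "  sign:",
  "    runs-on: macos-latest",
  "    steps:",
  "      - uses: actions/checkout@v4",
  "      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567 # v4",
  "      - run: npm install",
  "      - run: npm ci",
  "      - run: npx notarize-helper",
  "        env:",
  "          SIGNING_CERT: ${{ secrets.SIGNING_CERT }}",
].join("\n");

console.log(JSON.stringify(auditWorkflow(SAMPLE_WORKFLOW), null, 2));
```

The checks are line-based heuristics, so treat a clean result as a prompt for manual review of the lockfile and job permissions rather than as proof the workflow is safe.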
