OpenAI Identifies Security Issue with Third-Party Tool, Ensures User Data Safety
OpenAI has reported a security issue involving a third-party developer tool named Axios. The company is taking measures to protect the certification process of its macOS applications, ensuring they remain legitimate OpenAI apps. Despite the security breach, OpenAI confirmed that no user data was accessed, and its systems, intellectual property, and software integrity remain uncompromised. The incident was part of a broader software supply chain attack, allegedly linked to North Korean actors, which compromised Axios on March 31. OpenAI's GitHub Actions workflow inadvertently downloaded and executed a malicious version of Axios, which had access to critical signing certificates for macOS applications. OpenAI has since updated its security certifications and requires macOS users to update their apps to prevent potential risks. Older versions of OpenAI's macOS apps will cease receiving updates or support from May 8. 
