
OpenAI rotates Mac certs after TanStack worm hits employees

1.4K views· 142 likes· 2:28· May 15, 2026


OpenAI just rotated the Mac app-signing certificates for ChatGPT, Codex, and Atlas, the second cert rotation in about six weeks. If you use any of these apps on a Mac, you need to update before June 12, 2026, or the old versions stop launching.

The first rotation came in early April after an npm package called Axios was hijacked. Researchers linked that attack to North Korea's Lazarus group, who tricked the Axios maintainer into handing over his publishing access. A GitHub Actions workflow at OpenAI that signs their macOS apps then pulled the malicious version into the signing pipeline. OpenAI rotated certs and said they were accelerating security controls to reduce supply-chain risk.

Then on May 11, a different supply-chain attack, a self-spreading npm worm researchers are calling Mini Shai-Hulud, reached two OpenAI employees' machines. Those employees had access to internal source code that included app-signing material. OpenAI says no customer data, production systems, intellectual property, or deployed software was impacted, and that they observed activity consistent with the malware's behavior in a limited set of internal repositories.

Sources:

https://openai.com/index/our-response-to-the-tanstack-npm-supply-chain-attack/
https://openai.com/index/axios-developer-tool-compromise/
https://www.bleepingcomputer.com/news/security/openai-confirms-security-breach-in-tanstack-supply-chain-attack/
https://tanstack.com/blog/npm-supply-chain-compromise-postmortem
https://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.html

More on cybersecurity, privacy, scams, and homelab on Hake Hardware. New shorts every weekday.

#cybersecurity #openai #chatgpt
