OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

2026-04-13

1 min read

by info@thehackernews.com (The Hacker News)

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

OpenAI revoked its macOS application signing certificate after discovering it was exposed during a malicious Axios npm package supply chain attack in March 2026.

•OpenAI's GitHub Actions workflow downloaded Axios 1.14.1 containing a malicious backdoor called WAVESHAPER.V2, but analysis suggests the signing certificate was not successfully exfiltrated due to execution timing and mitigating factors.
•The compromised certificate will be revoked by May 8, 2026, and older versions of ChatGPT Desktop, Codex, and Atlas will no longer receive updates or security support after that date.
•The Axios attack was attributed to North Korean hacking group UNC1069 and was part of a broader March supply chain campaign that also compromised Trivy vulnerability scanner and multiple Python packages including LiteLLM and Telnyx.
•TeamPCP orchestrated the Trivy attack using stolen credentials to deploy CanisterWorm malware and is now monetizing harvested credentials with other cybercriminal groups inclu

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Dynamic, identity-aware, and secure Sandbox auth

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware