
OpenAI rotates macOS certs after Axios attack hit code-signing workflow

Why This Matters

OpenAI has rotated its macOS code-signing certificates following a supply chain attack involving a malicious Axios package, to safeguard the integrity of its macOS applications like ChatGPT Desktop. While no evidence suggests the certificates were compromised or misused, the move underscores the importance of proactive security measures in software distribution. This incident highlights the ongoing risks in software supply chains and the need for rigorous security protocols to protect both companies and consumers.

Key Takeaways

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious Axios package during a recent supply chain attack.

The company said that on March 31, 2026, the legitimate workflow downloaded and executed a compromised Axios package (version 1.14.1) that was used in attacks to deploy malware on devices.

That workflow had access to code-signing certificates used to sign OpenAI's macOS apps, including ChatGPT Desktop, Codex, Codex CLI, and Atlas.

While OpenAI says its investigation found no evidence that the signing certificate was compromised, the company is treating it as potentially compromised out of caution and is now revoking and rotating it.

"Out of an abundance of caution we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps. We found no evidence that OpenAI user data was accessed, that our systems or intellectual property was compromised, or that our software was altered," explains an OpenAI security advisory.

"We are updating our security certificates, which will require all macOS users to update their OpenAI apps to the latest versions."

macOS users will need to update their apps to versions signed with the new certificate, as older versions may stop working on May 8, 2026.

OpenAI worked with a third-party incident response firm to conduct an investigation, which found no evidence that the incident exposed its certificates or that they were used to distribute malicious software. The company also analyzed previous notarization activity linked to the certificate and confirmed that everything signed with it was legitimate.

However, if the attacker obtained the certificate, they could use it to sign their own macOS applications that appear to be legitimately signed by OpenAI.

Therefore, to reduce the risk, OpenAI says it is working with Apple to ensure no future software can be notarized with the previous certificate.
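Because a build signed with the old certificate may stop launching and a stray binary signed with it is worth spotting, a macOS admin will want to see which Developer ID certificate actually signed an installed app. The script below is an added example, not OpenAI's or Apple's tooling; it assumes macOS with codesign, spctl and openssl on PATH, and EXPECTED_TEAM is a placeholder rather than OpenAI's real Team ID.

```shell
#!/bin/sh
# Added example: report which Developer ID certificate signed a macOS app
# bundle so an admin can confirm the installed build was re-signed after a
# certificate rotation. EXPECTED_TEAM is a placeholder, not a real Team ID.
EXPECTED_TEAM="${EXPECTED_TEAM:-TEAMID0000}"

# Parse `codesign -dvv` output (stdin) into "team|leaf-authority".
# codesign prints Authority= lines leaf-first, so the first one names the
# certificate that actually signed the code.
parse_signing_info() {
  awk -F= '
    /^TeamIdentifier=/ { team = $2 }
    /^Authority=/ && leaf == "" { leaf = substr($0, index($0, "=") + 1) }
    END { printf "%s|%s\n", team, leaf }
  '
}

# Compare the parsed identity with the expected team; prints OK or MISMATCH.
check_team() {   # $1 = "team|leaf-authority"
  case "$1" in
    "$EXPECTED_TEAM|"*) echo "OK" ;;
    *) echo "MISMATCH" ;;
  esac
}

# Full check on a real bundle: signing identity, Gatekeeper assessment, and
# the leaf certificate's SHA-256 fingerprint plus validity dates. A notBefore
# date earlier than the rotation points at a build signed with the old cert.
inspect_app() {   # $1 = /Applications/Example.app
  app="$1"
  info=$(codesign -dvv "$app" 2>&1 | parse_signing_info)
  echo "signer: $info ($(check_team "$info"))"
  spctl --assess --type execute -vv "$app" 2>&1 | sed 's/^/gatekeeper: /'
  tmp=$(mktemp -d)
  ( cd "$tmp" && codesign -d --extract-certificates "$app" 2>/dev/null &&
    openssl x509 -inform DER -in codesign0 -noout -sha256 -fingerprint -dates )
  rm -rf "$tmp"
}

if [ $# -eq 1 ]; then inspect_app "$1"; fi
```

Run it as `sh check_signing.sh /Applications/Example.app` on each machine (or through your MDM) after updating; a MISMATCH or an old notBefore date means the bundle still needs the re-signed build.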
