OpenAI issued a security notice on April 11, stating that it recently discovered a security issue involving the third-party development library Axios. OpenAI emphasized that there is no evidence showing that user data was accessed, systems were compromised, or software was tampered with. However, based on a precautionary approach, it is updating the security credentials of all macOS applications, requiring all macOS users to update to the latest version.
Impact of the Axios supply chain incident
This security issue stems from a supply chain attack involving Axios — a widely used JavaScript HTTP request library. This is not an issue unique to OpenAI, but an event affecting the entire industry. Previously, Anthropic’s Claude Code was also impacted by related supply chain risks during the same period.
OpenAI said it is updating security credentials to prevent anyone from trying to distribute counterfeit software disguised as an official OpenAI application. While this kind of risk is “extremely unlikely” to occur, the company has chosen to take preventative measures.
macOS applications affected
The macOS applications that need to be updated include:
ChatGPT Desktop
Codex App
Codex CLI
Atlas
Users can update via the built-in update feature within the app or by going to OpenAI’s official link to download the latest version. OpenAI recommends that all macOS users complete the update as soon as possible.
Supply chain security for AI tools is drawing increasing attention
The incident once again highlights the supply chain security risks that AI tools face. As AI programming tools (such as ChatGPT, Claude Code, and Codex) have become central to developers’ everyday workflows, the third-party libraries these tools rely on also become targets for attackers.
Just the day before, security researchers had revealed a research report on 26 LLM router models secretly injecting malicious instructions, and the U.S. Department of the Treasury also expanded finance-grade cybersecurity intelligence to the digital asset industry. The security of AI tools is becoming a top priority for the entire industry.
This article, OpenAI urgently requests that all macOS users update their applications; the Axios supply chain attack triggers security credential updates, first appeared on LianNews ABMedia.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Anthropic Deploys Election Safeguards for Claude Ahead of 2026 Midterms
Anthropic announced Friday a set of election integrity measures designed to prevent its Claude AI chatbot from being weaponized to spread misinformation or manipulate voters ahead of the 2026 U.S. midterm elections and other major contests around the world this year. The San Francisco-based
CryptoFrontier13m ago
DeepRoute.ai Advanced Driver Assistance System breakthrough: over 300k vehicles deployed. 2026 target: 1 million City NOA fleet.
DeepRoute.ai announced that its advanced driver-assistance system has been deployed in China for a cumulative total of more than 300k vehicles. In the past year, it helped avoid more than 180k potential incidents. Its 2026 goal is for its city NOA vehicle fleet to reach 1 million vehicles, with utilization exceeding 50%, and it is seen as a key step toward large-scale commercial deployment of Robotaxis. This move shows that autonomous driving in China has entered routine usage, while also creating a divergence from the United States’ vertical integration pathway, affecting the timing of the Asia-Pacific supply chain.
ChainNewsAbmedia1h ago
DeepSeek Releases V4-Pro and V4-Flash Models at 98% Lower Cost Than OpenAI's GPT-5.5 Pro
Gate News message, April 25 — DeepSeek released preview versions of V4-Pro and V4-Flash on April 24, both open-weight models with one million token context windows. V4-Pro features 1.6 trillion total parameters but activates only 49 billion per inference pass using a Mixture-of-Experts architecture.
GateNews6h ago
Judge Dismisses Fraud Claims in Elon Musk's OpenAI Lawsuit; Case Advances to Trial with Two Remaining Allegations
Gate News message, April 24 — A federal judge has dismissed fraud claims from Elon Musk's lawsuit against OpenAI, Sam Altman, Greg Brockman, and Microsoft, clearing the way for the case to proceed to trial on two remaining allegations: breach of charitable trust and unjust enrichment. U.S.
GateNews9h ago
OpenAI CEO Sam Altman Apologizes for Failing to Report School Shooter's Banned Account to Police
Gate News message, April 25 — OpenAI Chief Executive Officer Sam Altman apologized to the Tamborine community in Canada for the company's failure to notify police about a banned account linked to Jesse Van Rootselaar, who killed eight people at a school in February before taking his own life. OpenAI
GateNews10h ago
UAE Announces Shift Toward AI Government Model in the Next Two Years
His Highness Sheikh Mohammed bin Rashid Al Maktoum stated that the goal was for 50% of government sectors to operate through autonomous agentic AI. The transition will also include the training of federal employees to “master AI” and will be overseen by Sheikh Mansour bin Zayed.
Key Takeaways:
Coinpedia10h ago
