The Hacker News: OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

Incident Summary

A GitHub Actions workflow inadvertently downloaded a malicious version of the Axios library in a supply-chain incident on March 31. In response, OpenAI revoked its macOS app certificate. The incident matters because it involved compromised third-party code in the software build pipeline, which can create downstream risk for users if shipped artifacts are affected. Limited public details are available, and OpenAI stated that no user data or internal systems were compromised.

Incident Details

Type

Data Breach

Severity

LOW

Status

ACTIVE

Date Occurred

April 13, 2026

External Sources

• https://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.html