The Hacker News: OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

Incident Summary

OpenAI revoked the certificate for its ChatGPT macOS app after discovering that a malicious Axios library had been downloaded through a compromised GitHub Actions workflow on March 31. The incident involved a supply chain compromise in the build/dependency pipeline. OpenAI stated that no user data or internal systems were affected. Limited public details are available beyond the certificate revocation and the reported scope of impact.

Incident Details

Type

Data Breach

Severity

LOW

Status

ACTIVE

Date Occurred

April 13, 2026

External Sources

• https://thehackernews.com/2026/04/openai-revokes-macos-app-certificate.html