RC RANDOM CHAOS

OpenAI Rotating macOS Signing Certs After Axios Supply Chain Attack

· via BleepingComputer

Original source

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is revoking and rotating macOS code-signing certificates after a compromised Axios npm package (version 1.14.1) executed within a GitHub Actions workflow on March 31, 2026. The workflow had access to certificates used to sign ChatGPT Desktop, Codex, Codex CLI, and Atlas for macOS. While OpenAI’s investigation with a third-party IR firm found no evidence the certificate was actually exfiltrated or misused, the company is treating it as potentially compromised and coordinating with Apple to block future notarization with the old cert.

The certificate will be fully revoked on May 8, 2026, after which older app versions will be blocked by macOS Gatekeeper. All macOS users need to update to newly signed versions. Web services, iOS, Android, Windows, and Linux apps are unaffected, and OpenAI says no user data, credentials, or API keys were exposed.

The Axios compromise traces back to North Korean threat group UNC1069, who social-engineered a project maintainer through fake collaboration invitations on Slack and Teams. After installing malware via a staged video call, the attackers hijacked the maintainer’s npm account and published a trojanized Axios version containing a cross-platform RAT. The incident is part of a broader DPRK campaign targeting popular open-source projects for supply chain access.
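The summary names the trojanized release as axios 1.14.1. As an added example (not code from OpenAI, BleepingComputer or the Axios project), the following script checks an npm package-lock.json for that exact version, covering both the flat `packages` map of lockfileVersion 2/3 and the nested `dependencies` tree of lockfileVersion 1; the sample lockfiles are constructed here for illustration.

```python
import json

# Compromised release named in the article; constructed lookup keyed by package name.
COMPROMISED = {"axios": {"1.14.1"}}

def _walk_v1(deps, prefix, hits):
    """Recurse through a lockfileVersion 1 'dependencies' tree."""
    for name, meta in (deps or {}).items():
        path = f"{prefix}node_modules/{name}"
        if meta.get("version") in COMPROMISED.get(name, ()):
            hits.append((path, meta["version"]))
        _walk_v1(meta.get("dependencies"), path + "/", hits)

def find_compromised(lock_text):
    """Return sorted [(install_path, version)] for every compromised package in a package-lock.json."""
    lock = json.loads(lock_text)
    hits = []
    if "packages" in lock:
        # lockfileVersion 2/3: flat map keyed by install path ("" is the root project itself)
        for path, meta in lock["packages"].items():
            if not path:
                continue
            name = path.rsplit("node_modules/", 1)[-1]  # also yields "@scope/name" for scoped packages
            if meta.get("version") in COMPROMISED.get(name, ()):
                hits.append((path, meta["version"]))
    else:
        _walk_v1(lock.get("dependencies"), "", hits)
    return sorted(hits)

# Constructed sample lockfiles: the top-level axios is the trojanized release, while a
# nested copy under another dependency is a clean version and must not be flagged.
SAMPLE_LOCK_V3 = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo", "dependencies": {"axios": "^1.14.0"}},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/some-tool": {"version": "2.0.0"},
        "node_modules/some-tool/node_modules/axios": {"version": "1.7.9"},
    },
})
SAMPLE_LOCK_V1 = json.dumps({
    "lockfileVersion": 1,
    "dependencies": {
        "axios": {"version": "1.14.1"},
        "some-tool": {"version": "2.0.0",
                      "dependencies": {"axios": {"version": "1.7.9"}}},
    },
})
```

To scan a real project, pass the contents of its package-lock.json to `find_compromised`; an empty list means no entry pins the named release.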

This is an AI-generated summary. Read the original for the full story.