CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
The News International

OpenAI reports security issue in third-party tool Axios, assures user data protection

OpenAI has recently identified a security flaw in a third-party developer tool called Axios and taken necessary steps to ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were compromised.
VentureBeat

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

OpenAI rotates macOS certs after Axios attack hit code-signing workflow

OpenAI is rotating potentially exposed macOS code-signing certificates after a GitHub Actions workflow executed a malicious ...