OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack
Briefly

"A GitHub Actions workflow we use in the macOS app-signing process downloaded and executed a malicious version of Axios (version 1.14.1). This workflow had access to a certificate and notarization material used for signing macOS applications, including ChatGPT Desktop, Codex, Codex-cli, and Atlas."
"The timing of the payload execution and other factors have led the AI giant to believe that the macOS signing certificate has not been compromised. However, the company has decided to revoke and rotate the certificate as a precaution."
"If the certificate was indeed compromised, the attacker could abuse it to sign malicious code and disguise it as legitimate OpenAI software."
"We have stopped new software notarizations using the old certificate, so new software signed with the old certificate by an unauthorized third party would be blocked by default by macOS security."
OpenAI confirmed it was affected by a supply chain attack linked to North Korean hackers, in which the npm account of an Axios maintainer was compromised. Malicious packages were published that could execute a remote access tool across multiple operating systems. Although the packages were removed quickly, OpenAI conducted an investigation and found that one of its GitHub Actions workflows had downloaded and executed the malicious Axios version. As a precaution, OpenAI revoked and rotated its macOS signing certificate to prevent potential misuse, although it believes the certificate was not compromised.
Read at SecurityWeek