LIVE FEED
Axios npm Library Compromised in Supply Chain Attack

Axios npm Library Compromised in Supply Chain Attack

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

A North Korean threat group (UNC1069) compromised the popular npm Axios library via a supply chain attack, injecting a backdoor (WAVESHAPER.V2) into two poisoned versions that were inadvertently downloaded by OpenAI's macOS app-signing GitHub Actions workflow. Although OpenAI found no evidence of certificate exfiltration or user data compromise, the incident exposed the signing credentials for ChatGPT Desktop, Codex, Codex CLI, and Atlas, prompting certificate revocation and mandatory app updates by May 8, 2026. The attack highlights the acute risk of software supply chain compromises against AI product delivery pipelines.

OpenAI Supply Chain Attack via Axios Code Signing

OpenAI Supply Chain Attack via Axios Code Signing

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.5 SecurityWeek

OpenAI has been impacted by a supply chain attack attributed to North Korea-linked threat actors, involving a compromised macOS code signing certificate associated with the Axios JavaScript library. The incident highlights the vulnerability of major AI platforms to upstream software supply chain compromises, which could expose users to malicious code distributed through trusted tooling. As a leading AI infrastructure provider, any compromise of OpenAI's build or distribution pipeline carries significant downstream risk for enterprises relying on its models and APIs.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.