Code-Signing

3 reports

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

ATLAS OWASP HIGH The Hacker News May 15, 2026 ▲ 8.5

TanStack Supply Chain Attack Compromises OpenAI Developer Devices and Signing Certificates

A supply chain attack targeting TanStack via the Mini Shai-Hulud malware compromised two OpenAI employee devices, exposing internal source code repositories and code-signing certificates for macOS, …

AML.T0010 - ML Supply Chain Compromise AML.T0012 - Valid Accounts AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH The Hacker News Apr 20, 2026 ▲ 7.2

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

A North Korean threat group (UNC1069) compromised the popular npm Axios library via a supply chain attack, injecting a backdoor (WAVESHAPER.V2) into two poisoned versions that were inadvertently …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service

ATLAS OWASP HIGH SecurityWeek Apr 14, 2026 ▲ 7.5

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI has been impacted by a supply chain attack attributed to North Korea-linked threat actors, involving a compromised macOS code signing certificate associated with the Axios JavaScript library. …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service