The axios npm supply chain attack has been linked to North Korea’s Lazarus Group and prompted OpenAI to confirm a limited exposure affecting its macOS applications. Google Threat Intelligence Group attributes the attack to the cluster it tracks as UNC1069, a financially motivated group that has been active since 2018.
OpenAI stated that while it was affected by the axios npm incident reported on April 1, there was no evidence of compromise to user data or internal systems. The malicious version of axios (v1.14.1) was executed in a GitHub Actions workflow on March 31, 2026, and that workflow had access to the code-signing certificates used for OpenAI’s macOS apps.
In response, OpenAI has initiated a full rotation of its macOS code-signing certificates. The company is treating the certificates as potentially compromised, despite internal analyses indicating they were likely not exfiltrated. As a precaution, users are required to update their macOS applications, as older versions will lose support after May 8, 2026.
OpenAI has also coordinated with Apple to block any new notarization attempts using the old certificates and has engaged a third-party digital forensics firm to investigate further. Actions taken include publishing new builds of the affected apps, reviewing earlier software notarizations, and confirming that no unauthorized changes were made to distributed software.
The exposure was traced back to a misconfigured GitHub Actions workflow that referenced a dependency by a floating tag rather than a fixed commit hash and did not enforce a minimum release age for dependencies. Because a floating tag can be moved to any commit and a freshly published package version is installed immediately, this configuration increased the risk of pulling in a compromised package, and it points to a broader weakness in common development practices.
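The two weaknesses described above (a floating action tag and an install step with no minimum release age) are easy to spot mechanically. The following Python script is an added example, not OpenAI's workflow or any code from the article: it audits a constructed workflow in its weak and hardened forms, flagging any `uses:` reference that is not pinned to a full 40-hex commit SHA and any `npm install` step that resolves fresh versions instead of installing from a reviewed lockfile, and it shows how a release-age gate would have rejected a version published only hours before the build. The SHAs in the hardened workflow and all timestamps are placeholders.

```python
"""Audit a GitHub Actions workflow for floating action refs and for dependency
installs that have no minimum release age. All workflow text, SHAs and
timestamps below are constructed samples, not real project data."""
import re
from datetime import datetime, timedelta, timezone

# Constructed example of the weak pattern (not OpenAI's actual workflow).
WEAK_WORKFLOW = """\
name: release-macos
on:
  push:
    tags: ['v*']
jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm install
      - run: npm run build && npm run sign
"""

# Constructed hardened variant. The 40-hex SHAs are placeholders, not the
# real commits of those actions; a real workflow pins to the commit behind
# the release that was actually reviewed.
HARDENED_WORKFLOW = """\
name: release-macos
on:
  push:
    tags: ['v*']
jobs:
  build:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # placeholder SHA
      - uses: actions/setup-node@89abcdef0123456789abcdef0123456789abcdef  # placeholder SHA
        with:
          node-version: 20
      - run: npm ci --ignore-scripts
      - run: npm run build && npm run sign
"""

USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def audit_workflow(yaml_text):
    """Return a list of findings; an empty list means the workflow passes."""
    findings = []
    for lineno, line in enumerate(yaml_text.splitlines(), 1):
        m = USES_RE.match(line)
        if m:
            ref = m.group(1)
            # Local composite actions and docker:// images are out of scope here.
            if ref.startswith(("./", "docker://")):
                continue
            action, _, version = ref.rpartition("@")
            if not action:
                findings.append(f"line {lineno}: '{ref}' has no ref; it floats to the default branch")
            elif not FULL_SHA_RE.match(version):
                findings.append(f"line {lineno}: '{action}' uses mutable ref '{version}', not a commit SHA")
        elif re.search(r"\bnpm\s+install\b", line):
            findings.append(f"line {lineno}: 'npm install' resolves fresh versions; use 'npm ci' against a reviewed lockfile")
    return findings


def meets_release_age(published_at, install_at, min_age):
    """True if a package version is old enough to install under a minimum
    release age policy. A version pushed shortly before the build, as a
    hijacked release typically is, fails this check and the build stops."""
    return install_at - published_at >= min_age


# Constructed timestamps: a version published three hours before the build ran.
SAMPLE_PUBLISHED = datetime(2026, 3, 31, 9, 0, tzinfo=timezone.utc)
SAMPLE_BUILD = SAMPLE_PUBLISHED + timedelta(hours=3)
SEVEN_DAYS = timedelta(days=7)

if __name__ == "__main__":
    for name, text in (("weak", WEAK_WORKFLOW), ("hardened", HARDENED_WORKFLOW)):
        print(f"{name}: {audit_workflow(text) or 'OK'}")
    print("7-day age gate passes:", meets_release_age(SAMPLE_PUBLISHED, SAMPLE_BUILD, SEVEN_DAYS))
```

Running the script reports three findings for the weak workflow (two mutable tags and the unpinned install) and none for the hardened one, and the age gate rejects the three-hour-old version. Pinning to a SHA only helps if the pinned commit was reviewed, and an age gate delays rather than prevents a compromised version, so both belong alongside lockfile review rather than replacing it.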
OpenAI emphasized that the incident solely affected macOS applications with no impact on iOS, Android, Windows, Linux, or web services. The company reassured users that no data or API keys were compromised, no passwords needed changing, and no malware signed by OpenAI has been detected.
OpenAI plans to revoke the old certificate on May 8, after which macOS security controls will block any software signed with it. The axios npm attack underscores the growing risk posed by third-party software dependencies, which state-sponsored groups now exploit for both financial and strategic ends.