OpenAI Supply Chain Attack Hits TanStack Malware, Forces macOS App Updates

OpenAI has disclosed that two employee devices were compromised via the Mini Shai-Hulud supply chain attack targeting TanStack, an open-source software library ecosystem. The breach occurred within the company's corporate environment and involved unauthorized access to internal source code repositories accessible to the two affected employees. OpenAI confirmed that while the malware exhibited publicly documented behaviors including credential-focused exfiltration activity, no user data, production systems, or intellectual property were compromised. The company acted swiftly, isolating impacted systems and identities, revoking user sessions, and rotating all credentials across affected repositories while temporarily restricting code-deployment workflows.

The attackers successfully exfiltrated limited credential material from internal repositories containing signing certificates for iOS, macOS, and Windows products. As a precautionary measure, OpenAI revoked the compromised certificates and issued new ones, with the old certificates scheduled for full revocation on June 12, 2026. Following this date, macOS will block downloads and launches of applications signed with the previous certificate through built-in protections. Users of ChatGPT Desktop, Codex App, Codex CLI, and Atlas for macOS must update to the latest versions immediately to prevent any risk of fake app distribution. Windows and iOS users do not require action at this time. Organizations should consider using tools like SSL/TLS checker to verify their certificate integrity and privacy checkup to assess their exposure.

This marks the second certificate rotation in as many months, following a similar incident in mid-April 2026 when a GitHub Actions workflow used to sign macOS applications downloaded a malicious Axios library compromised by the North Korean threat actor UNC1069 on March 31. The recurring nature of these supply chain attacks underscores the growing sophistication of nation-state actors targeting development tooling. OpenAI emphasized that this trend reflects a broader shift in the threat landscape, with attackers increasingly focusing on shared software dependencies and CI/CD infrastructure rather than individual corporate targets. The deep interconnection of modern software ecosystems means vulnerabilities introduced upstream can propagate rapidly across numerous organizations, making supply chain security a critical priority. Companies can mitigate risks by regularly using email breach checker and password checker tools to identify compromised credentials. Additionally, teams should audit their open ports and verify domain ownership through WHOIS lookup to prevent subdomain takeover attacks commonly used in supply chain campaigns.