OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised.
“Out of an abundance of caution, we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps,” OpenAI said in a post last week. “We found no
OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident
