OpenAI asks macOS users to update after TanStack npm supply chain attack

The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies.

OpenAI is taking a range of actions to protect users following a supply chain attack that corrupted the signing keys used to make sure the company’s applications are legitimate. 

Users on macOS must update their OpenAI applications by June 12, after which they will no longer receive updates or support and the service may not function. The new certificates included with the update will help “customers know that software comes from the legitimate developer, OpenAI.”

Source: https://therecord.media/openai-asks-macos-users-to-update-tanstack-npm

Related breach coverage

  • OpenAI hit by supply chain attack linked to malicious TanStack packages
    2026-05-16

    OpenAI said the TanStack supply chain attack compromised two employee devices and exposed credentials from code repositories. OpenAI confirmed that the recent TanStack supply chain attack compromised two employee devices and exposed credential material stored in internal source code repositories. The incident began after the TeamPCP hacking group abused weaknesses in the package publishing process […]

  • OpenAI Hit by TanStack Supply Chain Attack
    2026-05-15

    Two employee devices were compromised in the attack, and credential material was stolen from OpenAI code repositories. The post OpenAI Hit by TanStack Supply Chain Attack appeared first on SecurityWeek.

  • TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code
    2026-05-15

    The hacking group is encouraging miscreants to use the code in supply chain attacks, promising monetary rewards. The post TeamPCP Ups the Game, Releases Shai-Hulud Worm’s Source Code appeared first on SecurityWeek.

  • Experts warn of active exploitation of critical NGINX flaw CVE-2026-42945
    2026-05-18

    A critical NGINX flaw (CVE-2026-42945) is actively exploited, allowing crashes or possible code execution via malicious HTTP requests. A critical vulnerability in NGINX Plus and NGINX Open, tracked as CVE-2026-42945 (CVSS v4 score of 9.2), is already being actively exploited shortly after disclosure. “We’re seeing active exploitation of CVE-2026-42945 in F5 NGINX, a heap buffer […]