OpenAI has issued a mandatory update deadline for Mac users of its ChatGPT and related desktop applications following a supply chain attack that exposed the code-signing certificates that Apple’s macOS security checks rely on to verify its software.
The company disclosed the incident on May 13, confirming that malware linked to the “Mini Shai-Hulud” attack infected two employee devices via the TanStack npm ecosystem. Investigators found unauthorized access to a limited set of internal source code repositories tied to those employees.
Breach Details and Certificate Rotation
OpenAI rotated its signing certificates and re-signed all affected applications to prevent potential misuse of the exposed credentials. The company stated it found no evidence that customer data, production systems, or intellectual property were compromised during the incident.
The affected repositories included signing certificates used for applications across macOS, iOS, Windows, and Android. OpenAI opted to block future notarization attempts tied to the older credentials rather than revoking the certificates immediately, which could have broken software installations for existing users.
Why the June 12 Deadline Is Critical
Apple’s macOS security protections—including Gatekeeper and notarization systems—use code-signing certificates to verify that software comes from a legitimate developer. After June 12, these protections will block any app signed with the older, exposed certificates.
Investigators found no evidence that the exposed certificates were used to sign malicious software or distribute malware to users. However, older versions of ChatGPT Desktop, Codex App, Codex CLI, and Atlas may stop functioning or receiving updates after the deadline. The affected releases include ChatGPT Desktop 1.2026.125, Codex App 26.506.31421, Codex CLI 0.130.0, and Atlas 1.2026.119.1.
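A defender-side check for the situation described above, written as an added example rather than code from the article or from OpenAI: it reads the installed version of each macOS app bundle named in the article, flags any build that is not newer than the quoted affected release, and, when run on macOS, asks Gatekeeper to assess the bundle and prints the signing authority so an administrator can confirm the app carries the re-signed certificate. The version numbers are the ones quoted in the article; the bundle paths under /Applications, and the reading that builds at or below those version numbers are the ones needing an update, are assumptions.

```shell
#!/bin/sh
# Added example (not from the article or from OpenAI).
# Assumptions: app bundle paths below, and that builds at or below the
# quoted affected version need updating before the June 12 deadline.

# Compare two dotted numeric version strings (e.g. 1.2026.125 vs 1.2026.126).
# Prints -1, 0 or 1. Missing trailing components count as 0, so
# 1.2026.119.1 sorts after 1.2026.119. Non-numeric components are not handled.
vercmp() {
  a="$1"; b="$2"
  while [ -n "$a" ] || [ -n "$b" ]; do
    ai="${a%%.*}"; bi="${b%%.*}"
    if [ "$a" = "$ai" ]; then a=""; else a="${a#*.}"; fi
    if [ "$b" = "$bi" ]; then b=""; else b="${b#*.}"; fi
    ai="${ai:-0}"; bi="${bi:-0}"
    if [ "$ai" -lt "$bi" ]; then printf '%s\n' -1; return 0; fi
    if [ "$ai" -gt "$bi" ]; then printf '%s\n' 1; return 0; fi
  done
  printf '%s\n' 0
}

# True (exit 0) when the installed version is not newer than the affected one.
needs_update() {
  [ "$(vercmp "$1" "$2")" -le 0 ]
}

# Read CFBundleShortVersionString from an app bundle's Info.plist (macOS only;
# returns 1 when the bundle is absent, which is also what happens on Linux).
installed_version() {
  plist="$1/Contents/Info.plist"
  [ -f "$plist" ] || return 1
  defaults read "$1/Contents/Info" CFBundleShortVersionString
}

# Report version status for one bundle and, where the tools exist, ask
# Gatekeeper to assess it and show which authority signed it.
check_app() {
  app="$1"; affected="$2"
  ver="$(installed_version "$app")" || { echo "$app: not installed"; return 0; }
  if needs_update "$ver" "$affected"; then
    echo "$app: $ver is not newer than affected $affected -> update before June 12"
  else
    echo "$app: $ver is newer than affected $affected"
  fi
  if command -v spctl >/dev/null 2>&1; then
    spctl --assess --type execute "$app" 2>&1 || echo "$app: Gatekeeper rejects the current signature"
  fi
  if command -v codesign >/dev/null 2>&1; then
    # Authority and TeamIdentifier lines identify the certificate in use.
    codesign -dvv "$app" 2>&1 | grep -E 'Authority|TeamIdentifier' || true
  fi
}

# Affected desktop releases quoted in the article; bundle paths are assumed.
check_app "/Applications/ChatGPT.app" "1.2026.125"
check_app "/Applications/Codex.app" "26.506.31421"
check_app "/Applications/Atlas.app" "1.2026.119.1"
```

Codex CLI is distributed as a command-line tool rather than an app bundle, so it is left out of the bundle loop; its installed version (affected release 0.130.0) can be compared with `needs_update` the same way once read from the tool itself. `spctl --assess` reports the verdict Gatekeeper will apply, which is the check that matters after the deadline, because an app that passes today on the old certificate will stop passing once Apple blocks it.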
Supply Chain Attack Implications
Modern applications rely on extensive networks of open-source libraries, package managers, and automated development systems that can propagate compromised code widely. The attack hit during an active rollout of new supply chain security protections across OpenAI’s development systems, including stricter package provenance checks and stronger CI/CD credential controls.
The two affected employee devices had not yet received these updated protections when the malware reached the systems. OpenAI said the incident accelerated deployment of additional safeguards designed to reduce the impact of future supply chain attacks.
What This Means for Enterprise Users
Mac users must install updated versions of ChatGPT, Codex, and related apps before June 12, exclusively through official websites or built-in update systems. OpenAI warns against using installers from ads, third-party download sites, or unsolicited messages. For organizations relying on these tools, this incident underscores the growing complexity of securing software supply chains—and the critical importance of timely patch management in an era where a single compromised dependency can cascade across platforms and ecosystems.
— Originally reported by AppleInsider. Adapted and republished with editorial context for MacThreat.