top of page
ALL POSTS
Malicious Codex UI Tool with 27,000 Downloads Caught Stealing OpenAI Refresh Tokens
Key Findings Popular codexui-android npm package with 27,000 weekly downloads contained malicious code stealing OpenAI authentication credentials Malicious code hidden in published package only, not in public GitHub repository, evading standard audits Attackers stole access tokens, ID tokens, account IDs, and refresh tokens from local auth.json files Refresh tokens do not expire, allowing attackers indefinite account impersonation Same threat actor deployed malicious Android
May 313 min read
OpenAI Targeted in TanStack npm Supply Chain Attack: What You Need to Know
Key Findings OpenAI confirmed that two employee devices were compromised in the TanStack supply chain attack, exposing limited credential material from internal source code repositories The TeamPCP hacking group distributed 84 malicious packages through the TanStack ecosystem using the Mini Shai-Hulud worm, which exploited GitHub Actions OIDC tokens and generated valid SLSA Level 3 attestations Code-signing certificates for iOS, macOS, Windows, and Android applications were e
May 163 min read
Fake OpenAI Repository on Hugging Face Distributes Infostealer Malware, Reaches Top Downloads
Key Findings Malicious repository impersonating OpenAI's Privacy Filter reached #1 trending on Hugging Face with 244,000 downloads in 18 hours before removal Typosquatting attack used copied model descriptions and fake AI code to distribute Rust-based information stealer malware Multi-stage attack chain included privilege escalation, Windows Defender evasion, and credential theft targeting browsers, wallets, and Discord At least six additional malicious repositories using sim
May 113 min read
OpenAI Expands Cyber Defense Program: GPT-5.4-Cyber Now Available to Security Teams
Key Findings OpenAI unveiled GPT-5.4-Cyber, a cybersecurity-focused variant of its flagship GPT-5.4 model optimized for defensive security operations The company is expanding its Trusted Access for Cyber (TAC) program to thousands of individual defenders and hundreds of security teams GPT-5.4-Cyber has already contributed to over 3,000 critical and high-severity vulnerability fixes through the Codex Security application Access will be controlled through Know-Your-Customer ver
Apr 152 min read
OpenAI Revokes macOS Certificate Following Axios Supply Chain Compromise
Key Findings OpenAI's GitHub Actions workflow downloaded malicious Axios version 1.14.1 on March 31, compromising access to macOS app signing certificates North Korean hacking group UNC1069 hijacked the Axios package maintainer account and injected WAVESHAPER.V2 backdoor into versions 1.14.1 and 0.30.4 OpenAI found no evidence of user data theft, system compromise, or software alteration despite certificate access All macOS versions of ChatGPT Desktop, Codex, Codex CLI, and A
Apr 132 min read
OpenAI Patches ChatGPT Data Exfiltration and Codex GitHub Token Vulnerabilities
Key Findings Check Point discovered a critical vulnerability in ChatGPT that allowed attackers to exfiltrate user data, uploaded files, and conversation history without detection or consent The flaw exploited a hidden DNS-based communication channel in the Linux runtime environment, bypassing all visible AI guardrails OpenAI patched the ChatGPT vulnerability on February 20, 2026, with no evidence of malicious exploitation BeyondTrust Phantom Labs identified a command injectio
Mar 304 min read
Cracks in the $100 Billion Nvidia-OpenAI Deal: Jensen Huang's Strategic Shift
Key Findings The $100 billion investment initiative between NVIDIA and OpenAI has reached an impasse, with the partnership being placed "on ice" NVIDIA CEO Jensen Huang has privately voiced skepticism about the viability of the original pact The two entities are currently recalibrating their alliance, potentially pivoting from a complex hardware-leasing and construction framework to a more straightforward equity investment Background The ambitious scope of the original partne
Feb 22 min read
The Ad Era Dawns: OpenAI Unveils $8 ChatGPT Go with Sponsored Responses
Key Findings OpenAI is launching a new $8 per month "ChatGPT Go" subscription tier, aimed at bridging the gap between free users and the $20 "Plus" tier. The most controversial aspect is the introduction of integrated advertising in both the free and Go tiers, a first for OpenAI. OpenAI is defending the ads as necessary to keep ChatGPT affordable and accessible, but privacy and cybersecurity experts are raising concerns. The company promises "answer independence" and user pri
Jan 173 min read
The $3 Trillion Opportunity: SpaceX, OpenAI, and Anthropic's Anticipated 2026 IPOs
Key Findings SpaceX, OpenAI, and Anthropic are reportedly preparing for IPOs in 2026 that could collectively exceed $3 trillion in valuation. SpaceX is targeting a $1.5 trillion IPO, fueled by Starlink's profitability and plans to accelerate Starship's Mars colonization and develop space-based AI data centers. OpenAI is eyeing a $1 trillion IPO to fund the development of GPT-6 and the Stargate supercomputing infrastructure. Anthropic, the dark horse, may leapfrog OpenAI by go
Jan 22 min read
OpenAI Assures Customers After Mixpanel Breach Exposes Some API User Data
Key Findings OpenAI confirmed a data breach involving its third-party analytics provider Mixpanel The breach exposed limited API user metadata like names, emails, locations, and browser info No passwords, API keys, chat content, or payment data were involved Regular ChatGPT users were not affected, only those interacting with the OpenAI API Background OpenAI, the company behind the popular AI assistant ChatGPT, has confirmed a data breach involving Mixpanel, a third-party ana
Nov 27, 20252 min read
bottom of page
