OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...

OpenAI is asking Mac users to update ChatGPT, Codex, Atlas, and Codex CLI after a security issue involving Axios and macOS ...

Anthropic's Claude Code CLI had its full TypeScript source exposed after a source map file was accidentally included in ...

The most widely used JavaScript HTTP library on the internet — embedded in millions of production applications, relied on by ...

Forty-five million weekly downloads. One compromised maintainer. Three hours of exposure before anyone noticed.

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

Spread the loveIn a significant security incident that has sent shockwaves through the developer community, a North Korean state-sponsored hacking group has successfully compromised the popular Axios ...

Discover the details of the North Korean hack on Axios software. We explain how the UNC1069 group is stealing US ...

Or, why the software supply chain should be treated as critical infrastructure with guardrails built in at every layer.