TITLE: OpenAI urges all macOS users to update ChatGPT, Codex and Atlas after Axios library compromise
DATE: 2026-04-30
COMPANY: OpenAI
TOPIC: AI Security

SUMMARY: OpenAI issued an urgent security alert on 29 April 2026 after a compromised third-party JavaScript library, Axios, was used to push a remote access trojan into its desktop apps. All macOS users must update before 8 May 2026 or risk credential theft.

WHAT CHANGED:
A social engineering attack inserted a remote access trojan into the widely used Axios JavaScript library, which OpenAI shipped inside its macOS desktop apps for ChatGPT, Codex and Atlas. OpenAI has set a firm 8 May 2026 deadline for all users to update or stop using the apps.

WHY IT MATTERS:
This is a direct supply chain compromise of a top-tier AI vendor. Any operator using ChatGPT, Codex or Atlas on macOS could have unwittingly given attackers credentialed access to their machine. It also reinforces that AI vendor risk is now part of standard third-party risk management.

DAVID & GOLIATH ANALYSIS:
This development reinforces our belief that the next generation of organisations will be built on intelligent systems, not larger teams. Push an urgent update notice to all Mac users today. Force-update or block the affected apps before 8 May. Add OpenAI desktop apps to your software inventory and monitor vendor advisories from now on.

RELEVANT SYSTEMS: Secure AI Brain

SOURCE URL: https://davidandgoliath.ai/daily-ai-briefing/openai-urges-all-macos-users-to-update-chatgpt-codex-and-atlas-after-axios-libra
FEED URL: https://davidandgoliath.ai/daily-ai-briefing/feed

---

Published by David & Goliath | https://davidandgoliath.ai
Daily AI Briefing: one AI development per day, decoded for business operators.
This is a structured companion file optimised for LLM retrieval and citation.