OpenAI has urged macOS users to update its desktop applications, including the ChatGPT app, as a precautionary measure following a security issue tied to a third-party developer dependency. The company reported no signs of user data access, system compromise, or software tampering, yet it is rotating the code-signing certificates that macOS uses to verify its apps as genuine.
The incident stems from a broader software supply chain attack on Axios, a widely used HTTP client library, which occurred around March 31, 2026. A GitHub Actions workflow in OpenAI's macOS app-signing process inadvertently downloaded and executed a malicious version of the library. That workflow had access to the code-signing certificates and notarization materials used for apps such as ChatGPT Desktop, Codex, Codex CLI, and Atlas, so code running inside it was in a position to read those materials. While investigators linked the attack to actors believed to be associated with North Korea, OpenAI stressed that its own investigation found no evidence the certificates were actually misused or that any malicious code reached users.
In response, OpenAI is revoking and replacing the affected certificates. Users must install the latest versions of its macOS apps, which are signed with the replacement certificates, to continue receiving updates and maintain full functionality. After May 8, 2026, older versions may stop working altogether. Updates can be obtained through the in-app mechanism or directly from OpenAI's official links. The company described the step as a conservative safeguard against the remote possibility that software signed with the exposed certificates could masquerade as its own.
This episode highlights the persistent risks in modern software development, where even well-established libraries can become vectors in supply-chain attacks. Similar incidents have affected other major tech players in recent years, showing how dependencies on third-party code can create unintended exposure even for organizations with robust internal security practices. OpenAI's swift rotation of certificates and transparent communication reflect standard industry handling of such events, though the forced update deadline adds a layer of inconvenience for users who may have grown accustomed to seamless background updates.
For many, the ChatGPT desktop app has become a regular part of workflows on Mac, offering a more integrated experience than the web version. Codex targets coding assistance, while Atlas and the CLI serve more specialized needs. The requirement to update underscores how certificate management remains a critical, if often invisible, part of keeping desktop software trustworthy.
In a broader sense, the event serves as a reminder that the rapid expansion of AI tools into everyday desktop environments brings familiar cybersecurity challenges. Supply-chain vulnerabilities are not new, yet they carry added weight when the software in question handles sensitive conversations or professional code. OpenAI’s handling appears measured, with clear emphasis on the absence of actual harm, but it also illustrates the ongoing tension between convenience and the layered defenses needed in an increasingly interconnected development ecosystem.
Users are advised to check for updates promptly and to verify that they are downloading from official channels, since phishing campaigns that imitate security announcements like this one often surface around them.
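As an added example, not OpenAI's code and not part of the original article, the following POSIX shell script wraps the two Apple tools a macOS user can run to confirm that an installed bundle carries a Developer ID signature chaining to Apple's root and passes Gatekeeper's notarization assessment: `codesign` for the signature and `spctl` for the assessment. The parsing functions are pure text processing, so they can be exercised against the constructed sample outputs embedded below; the default bundle path `/Applications/ChatGPT.app`, the team name and identifier in the samples, and the function names are assumptions, and the samples are constructed here rather than captured from OpenAI's apps.

```shell
#!/bin/sh
# Added example (not OpenAI's code). Summarize the code signature and
# Gatekeeper assessment of a macOS app bundle. Live checks need macOS;
# the parsing functions work anywhere, on text produced by those tools.

# The "Authority=Developer ID Application: ..." leaf line, or empty.
leaf_authority() {
    printf '%s\n' "$1" | grep '^Authority=Developer ID Application:' | head -n 1
}

# The TeamIdentifier value from `codesign -dvv` output.
team_identifier() {
    printf '%s\n' "$1" | sed -n 's/^TeamIdentifier=//p' | head -n 1
}

# "ok" when the chain is Developer ID Application -> Developer ID CA ->
# Apple Root CA, otherwise "fail" (ad-hoc or unsigned bundles land here).
signature_verdict() {
    out="$1"
    if printf '%s\n' "$out" | grep -q '^Authority=Developer ID Application:' \
       && printf '%s\n' "$out" | grep -q '^Authority=Developer ID Certification Authority' \
       && printf '%s\n' "$out" | grep -q '^Authority=Apple Root CA'; then
        echo ok
    else
        echo fail
    fi
}

# "ok" when `spctl --assess --type exec -vv` accepted the bundle and
# attributed it to a notarized Developer ID, otherwise "fail".
notarization_verdict() {
    out="$1"
    if printf '%s\n' "$out" | grep -q ': accepted$' \
       && printf '%s\n' "$out" | grep -q '^source=Notarized Developer ID$'; then
        echo ok
    else
        echo fail
    fi
}

# Live check on macOS. $1 is the bundle path; the default is an assumption.
check_app() {
    app="${1:-/Applications/ChatGPT.app}"
    if codesign --verify --deep --strict "$app" 2>/dev/null; then
        echo "verify: ok"
    else
        echo "verify: fail"
    fi
    cs=$(codesign -dvv "$app" 2>&1)              # details go to stderr
    sp=$(spctl --assess --type exec -vv "$app" 2>&1)
    echo "leaf:   $(leaf_authority "$cs")"
    echo "team:   $(team_identifier "$cs")"
    echo "chain:  $(signature_verdict "$cs")"
    echo "notary: $(notarization_verdict "$sp")"
}

# Constructed sample output (not captured from any real app), in the shape
# `codesign -dvv` and `spctl -a -t exec -vv` print on macOS.
SAMPLE_CODESIGN='Executable=/Applications/Example.app/Contents/MacOS/Example
Identifier=com.example.app
Format=app bundle with Mach-O universal (x86_64 arm64)
CodeDirectory v=20500 size=1234 flags=0x10000(runtime) hashes=30+7 location=embedded
Authority=Developer ID Application: Example Corp (ABCDE12345)
Authority=Developer ID Certification Authority
Authority=Apple Root CA
TeamIdentifier=ABCDE12345'
SAMPLE_SPCTL='/Applications/Example.app: accepted
source=Notarized Developer ID
origin=Developer ID Application: Example Corp (ABCDE12345)'
SAMPLE_ADHOC='Executable=/tmp/Unsigned.app/Contents/MacOS/Unsigned
Identifier=Unsigned
CodeDirectory v=20400 size=300 flags=0x2(adhoc) hashes=5+2 location=embedded
Signature=adhoc
TeamIdentifier=not set'
SAMPLE_REJECTED='/tmp/Unsigned.app: rejected
source=no usable signature'

if [ "${1:-}" = "--live" ]; then
    check_app "$2"
else
    echo "sample chain:  $(signature_verdict "$SAMPLE_CODESIGN")"
    echo "sample notary: $(notarization_verdict "$SAMPLE_SPCTL")"
    echo "adhoc chain:   $(signature_verdict "$SAMPLE_ADHOC")"
fi
```

Run it as `sh check_signature.sh --live /Applications/ChatGPT.app` on a Mac (the script name is an assumption). A passing result says the bundle is validly signed with some Developer ID and was notarized; it does not by itself say which certificate generation signed it, so compare the `leaf` and `team` lines against what a freshly downloaded build from OpenAI's official links reports.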
