OpenAI Confirms Security Breach Via TanStack npm Supply Chain Attack
By Guru Baran
May 15, 2026
Two employee devices at OpenAI were compromised in a sweeping software supply chain attack targeting TanStack npm, but the AI company confirmed no user data, production systems, or intellectual property were affected.
On May 11, 2026 UTC, threat actors launched a campaign dubbed “Mini Shai-Hulud,” a coordinated supply chain offensive orchestrated by the TeamPCP extortion gang.
The attackers injected malicious code into TanStack, a widely used open-source JavaScript library, by abusing weaknesses in the project’s GitHub Actions workflows and CI/CD configuration.
This allowed malicious package versions to be published directly through TanStack’s legitimate release pipeline, making them appear entirely trustworthy to consuming systems.
OpenAI Confirms Security Breach
OpenAI’s corporate environment ingested the compromised package before updated security controls were in place, resulting in two employee workstations being silently infected.
OpenAI’s investigation, supported by a third-party digital forensics and incident response firm, identified credential-focused exfiltration activity across a limited subset of internal source code repositories that the two impacted employees could access.
Only limited credential material was successfully exfiltrated; no customer data, intellectual property, or production code was altered or stolen.
Critically, the impacted repositories contained code-signing certificates for OpenAI products across iOS, macOS, Windows, and Android platforms. While no evidence of certificate misuse was detected, OpenAI is rotating all signing certificates as a precautionary measure.
OpenAI moved quickly to contain the damage upon detecting malicious activity:
Isolated impacted systems and identities
Revoked all active user sessions on affected accounts
Rotated credentials across all impacted repositories
Temporarily restricted code-deployment workflows
Engaged a third-party incident response firm for forensic analysis
Coordinated with platform providers to block new notarizations using the old certificates
Because the compromised repositories included macOS code-signing certificates, all macOS users must update their OpenAI apps before June 12, 2026.
Affected applications include ChatGPT Desktop (last version: 1.2026.125), Codex App (26.506.31421), Codex CLI (0.130.0), and Atlas (1.2026.119.1).
After June 12, 2026, Apple’s macOS security protections will block any app still signed with the old certificate from launching or receiving updates. Windows and iOS users do not need to take any action.
Users should only download updates through in-app mechanisms or official OpenAI pages and must avoid third-party download sites, email links, or unsolicited installers posing as OpenAI software.
The Mini Shai-Hulud campaign extended far beyond OpenAI, compromising hundreds of npm and PyPI packages from projects including Mistral AI, UiPath, Guardrails AI, and OpenSearch.
The malware specifically targeted developer and cloud credentials, GitHub tokens, npm publish tokens, AWS credentials, Kubernetes secrets, SSH keys, and .env files, weaponizing the very tools modern DevOps teams depend on daily.
This incident follows OpenAI’s earlier Axios developer tool compromise, after which the company began deploying hardened CI/CD pipeline controls and package manager configurations with security constraints like minimumReleaseAge.
The two compromised devices had not yet received those updated configurations, a gap the attackers exploited.
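A release-age constraint of the kind named above (minimumReleaseAge) can also be enforced as a gate over a lockfile, so that a machine with a stale package manager configuration still fails the check. The following is an added example, not code from OpenAI, TanStack, or the original article; the package names, timestamps, seven-day threshold, and function names are constructed for illustration.

```javascript
// Added example: release-age gate over a lockfile. All sample data is constructed.
const MINUTE_MS = 60 * 1000;

// Constructed sample in package-lock.json v3 shape ("packages" keyed by install path).
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/example-router": { version: "4.2.1" },
    "node_modules/example-query": { version: "9.0.3" },
    "node_modules/@demo/utils": { version: "2.0.0" },
    "node_modules/example-router/node_modules/@demo/utils": { version: "1.9.0" },
  },
};

// Constructed registry metadata: per package, a map of version -> publish time,
// as found in the "time" field of an npm registry package document.
const sampleTimes = {
  "example-router": { "4.2.1": "2026-05-11T19:20:00Z" },
  "example-query": { "9.0.3": "2026-03-02T08:00:00Z" },
  "@demo/utils": { "2.0.0": "2026-05-01T10:00:00Z" },
};

// "node_modules/a/node_modules/@scope/b" -> "@scope/b"
function packageName(lockPath) {
  const marker = "node_modules/";
  return lockPath.slice(lockPath.lastIndexOf(marker) + marker.length);
}

// Returns one finding per locked version that is younger than the cooldown,
// or whose publish time is unknown (fail closed rather than assume it is old).
function checkReleaseAge(lock, times, minAgeMinutes, now) {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "" || !entry.version) continue; // skip root project and links
    const name = packageName(path);
    const published = times[name] && times[name][entry.version];
    if (!published) {
      findings.push({ name, version: entry.version, reason: "no-publish-time" });
      continue;
    }
    const ageMinutes = Math.floor((now.getTime() - Date.parse(published)) / MINUTE_MS);
    if (ageMinutes < minAgeMinutes) {
      findings.push({ name, version: entry.version, reason: "too-new", ageMinutes });
    }
  }
  return findings;
}

console.log(checkReleaseAge(sampleLock, sampleTimes, 7 * 24 * 60, new Date("2026-05-12T00:00:00Z")));
```

A non-empty result should fail the install or CI job; the nested dependency is flagged because an unknown publish time is treated as untrusted.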
OpenAI’s breach underscores a stark industry reality: the modern software supply chain is an attack surface. As organizations build on deeply interconnected open-source ecosystems, a single upstream compromise can silently propagate across hundreds of downstream targets within hours.