OpenAI has reported a security incident where attackers gained access to internal credentials after malware infiltrated two employee devices. This breach is connected to the ongoing “Mini Shai-Hulud” campaign, which targets npm ecosystems and developer infrastructure.
Incident Overview
The company revealed that the attackers successfully exfiltrated a limited amount of internal credential material. This prompted OpenAI to rotate signing certificates for several of its desktop products, including the macOS versions of ChatGPT Desktop, Codex App, Codex CLI, and Atlas. Users are required to update their software by June 12.
Details of the Attack
According to OpenAI, the incident occurred during a phased rollout of new supply chain security controls, which were implemented following a previous Axios-related breach. The two affected devices had not yet received the updated package management protections that could have prevented the malicious dependency from being installed.
Scope of the Breach
OpenAI clarified that there is no evidence indicating that customer data, production systems, or deployed software were compromised during this incident. The attackers focused on credential exfiltration from a limited set of internal repositories accessible from the compromised machines.
Wider Implications
This incident ties OpenAI to a larger supply chain attack that has seen various npm ecosystems targeted. Security firm Socket has linked the TanStack compromise to the broader “Mini Shai-Hulud” operation, which has utilized poisoned automation workflows and stolen publishing credentials to insert malicious package updates into trusted software pipelines. Researchers have identified 84 malicious package versions across 42 @tanstack/* packages, primarily aimed at stealing credentials such as GitHub tokens and cloud secrets.
OpenAI is continuing to investigate the incident and monitor for any potential downstream abuse related to the stolen credentials. While the company reassures that no production systems were breached, the incident highlights ongoing vulnerabilities within software supply chains.
This article was produced by NeonPulse.today using human and AI-assisted editorial processes, based on publicly available information. Content may be edited for clarity and style.
