Mac users running OpenAI's desktop applications must update immediately or risk losing access after May 8. The company issued the security warning today following a supply chain attack that compromised the widely used Axios npm package earlier this year.
OpenAI discovered the issue during an automated process on March 31, when a malicious version of Axios was used in its development pipeline. The JavaScript HTTP client library handles app authentication on macOS, verifying that applications are legitimate before allowing them to open.
While OpenAI found no evidence that user data was accessed or systems were compromised, the company is replacing security certificates as a precaution.
"We recently identified a security issue involving a third-party developer tool, Axios, that was part of a widely reported, broader industry incident," OpenAI stated in its Friday evening announcement. "We are updating our security certifications, which will require all macOS users to update their OpenAI apps to the latest versions."
The affected applications include ChatGPT Desktop, Codex App, Atlas, and Codex CLI for macOS. Users who fail to update before the May 8 deadline will lose access to new features and may find their existing installations stop working entirely. The certificate replacement prevents potential distribution of fake applications masquerading as legitimate OpenAI software.
This incident connects to a major supply chain attack that targeted Axios in late March 2026. Security researchers attributed the compromise to North Korean hackers who hijacked maintainer accounts for the popular npm package, which sees over 100 million weekly downloads globally. The attackers inserted malicious code designed to spread malware across development pipelines worldwide.
OpenAI emphasized its proactive approach despite finding no direct compromise of its systems or intellectual property.
"Out of an abundance of caution we are taking steps to protect the process that certifies our macOS applications are legitimate OpenAI apps," the company explained. "This helps prevent any risk, however unlikely, of someone attempting to distribute a fake app that appears to be from OpenAI."
The forced updates represent a significant consumer-facing consequence of the Axios supply chain compromise. While many companies addressed backend vulnerabilities internally, OpenAI's desktop application architecture requires user action for certificate replacement.
Links to download updated versions of all four affected Mac applications are available through OpenAI's official channels.















