Axios, a widely used JavaScript library, is affected by a new critical vulnerability that enables attackers to chain exploits ...

A newly disclosed security flaw in Axios, one of the most widely used HTTP client libraries in the JavaScript ecosystem, has raised concern across software and cloud security teams after official ...

OpenAI rotated macOS code‑signing certificate after Axios supply chain breach Malicious Axios 1.14.1 pulled into app‑signing ...

All macOS users must update their OpenAI apps, including ChatGPT, to the latest versions following a security incident, ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

OpenAI said a GitHub Actions workflow involved in signing Mac applications downloaded and executed a malicious version of ...

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently ...

Spread the loveIn a chilling reminder of the vulnerabilities inherent in open source software, two significant supply chain attacks occurred in March 2026, targeting widely used tools that affect a ...

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...

Spread the loveIn a significant incident underscoring the vulnerabilities of software supply chains, OpenAI took decisive action by revoking its macOS signing certificate on March 31, 2026. This move ...