OpenAI urges Mac users to update ChatGPT and Codex apps after security warning

OpenAI is asking Mac users to update its desktop applications, including ChatGPT, Codex, Atlas, and Codex CLI, following a security issue tied to a third-party developer tool used in its macOS build pipeline. The company says the update is being issued out of an abundance of caution and is focused on strengthening how its Mac apps are verified and signed.

The issue is linked to Axios, a widely used open-source JavaScript library that was recently affected in a broader software supply chain incident. OpenAI confirmed that a compromised version of Axios was pulled into an internal GitHub Actions workflow used during the macOS app signing process. That workflow had access to certificate material used to notarize OpenAI’s Mac applications, which is what allows macOS to verify that an app is genuine.

OpenAI says its investigation found no evidence that user data, internal systems, or app binaries were compromised. The company also states there is no indication that the signing certificate was successfully stolen or misused. Even so, it is treating the situation as a potential risk and rotating its macOS code signing and notarization certificates.

This rotation is the main reason users are being asked to update. Older versions of the apps were signed using the previous certificate, which OpenAI is now replacing to reduce any chance of misuse. The company has also confirmed a cutoff date of May 8, 2026, after which older builds of ChatGPT Desktop, Codex App, Codex CLI, and Atlas may stop working or lose support entirely.

The affected workflow was found to have a configuration issue that allowed dependency updates to be pulled in without strict version locking. This meant a malicious update to Axios could enter the build environment during the signing process. OpenAI has since fixed this configuration and tightened controls around dependency management in its macOS release pipeline.
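One way to check a build for the unpinned-dependency condition described above, as an added example (not OpenAI's code or configuration). It assumes an npm-style `package.json` and `package-lock.json`; every package name other than Axios, every version number, and the integrity placeholders are constructed sample data.

```javascript
// Added example: flag dependencies that can drift between builds.
// Assumes npm-style package.json / package-lock.json (lockfileVersion 2 or 3).
const EXACT = /^\d+\.\d+\.\d+(-[0-9A-Za-z.-]+)?$/;

// Classify a package.json version spec as exact, url, tag or range.
function classifySpec(spec) {
  if (EXACT.test(spec)) return "exact";
  if (/^(git\+|git:|https?:|github:|file:)/.test(spec)) return "url";
  if (/^[A-Za-z][\w.-]+$/.test(spec)) return "tag"; // dist-tag such as "latest"
  return "range"; // ^, ~, >=, *, x-ranges, empty string
}

// Compare manifest specs with lockfile entries and return a list of findings.
function auditPins(manifest, lock) {
  const findings = [];
  const locked = (lock && lock.packages) || {};
  for (const section of ["dependencies", "devDependencies"]) {
    for (const [name, spec] of Object.entries(manifest[section] || {})) {
      const kind = classifySpec(spec);
      const entry = locked[`node_modules/${name}`];
      if (kind !== "exact") findings.push({ name, spec, issue: `floating-${kind}` });
      if (!entry) findings.push({ name, spec, issue: "not-in-lockfile" });
      else if (!entry.integrity) findings.push({ name, spec, issue: "no-integrity-hash" });
      else if (kind === "exact" && entry.version !== spec)
        findings.push({ name, spec, issue: "lock-mismatch" });
    }
  }
  return findings;
}

// Constructed sample input: versions, hashes and non-Axios names are made up.
const sampleManifest = {
  dependencies: { axios: "^1.0.0", "example-lib": "1.3.0" },
  devDependencies: { "build-helper": "latest", "sign-tool": "2.0.0" },
};
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    "node_modules/axios": { version: "1.0.0", integrity: "sha512-PLACEHOLDER" },
    "node_modules/example-lib": { version: "1.3.0", integrity: "sha512-PLACEHOLDER" },
    "node_modules/sign-tool": { version: "2.1.0", integrity: "sha512-PLACEHOLDER" },
  },
};

for (const f of auditPins(sampleManifest, sampleLock)) {
  console.log(`${f.name} (${f.spec}): ${f.issue}`);
}
```

In CI, `npm ci` installs exactly what the lockfile records and fails when the manifest and lockfile disagree, which complements a check like this.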

This issue is limited to macOS apps only. ChatGPT and Codex on the web, along with iOS, Android, and Windows versions, are not affected. OpenAI also notes that users do not need to reset passwords or API keys since authentication systems were not part of the incident.

On the user side, the update is handled in the usual way through in-app prompts or official download pages. OpenAI is also stressing that updates should only be installed from trusted sources, since security-related incidents often lead to fake installer links circulating online.

Even though there is no sign of active exploitation, the incident shows how much modern app security depends on third-party libraries and automated build systems. A single compromised dependency can create risk inside a signing pipeline, even if nothing ultimately leaks or gets used in the wild.

For Mac users, installing the latest version simply ensures the app is signed with OpenAI’s updated certificate and continues to pass macOS verification without interruption. It is a preventative change to keep the trust chain intact rather than a response to confirmed user impact.

About the Author

Asma is an editor at iThinkDifferent with a strong focus on social media, Apple news, streaming services, guides, mobile gaming, app reviews, and more. When not blogging, Asma loves to play with her cat, draw, and binge on Netflix shows.
