# OpenAI Caught in North Korean Supply Chain Attack, macOS Signing Keys Briefly at Risk

- slug: openai-caught-in-north-korean-supply-chain-attack-macos-signing-keys-briefly-at-risk
- date: 2026-04-11
- category: Artificial Intelligence

A North Korean supply chain attack on the Axios npm library reached OpenAI's build pipeline — exposing macOS signing keys for ChatGPT, Codex, and Atlas. The company says nothing was taken. That 'likely' is doing a lot of work.

---