The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require users to update their macOS certificates.

The internet runs on shared code—a big problem when a cyberattack corrupts the software supply chain.

Elastic Security Labs quickly spotted the unfolding supply-chain attack that backdoored the popular JavaScript library Axios, ...

Attackers stole a long-lived npm access token belonging to the lead maintainer of axios, the most popular HTTP client library in JavaScript, and used it to publish two poisoned versions that install a ...

The widely used Axios HTTP client library, a JavaScript component used by developers, was recently hacked to distribute malware via a compromised account. Attackers exploited a hijacked account on npm ...

OpenAI said on Friday it had identified a security issue involving a third-party developer tool called Axios and is taking steps to protect the process that certifies its macOS applications are ...

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were compromised.