Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenAI hit by cyberattack

Incident
First reported
Last updated
Happening score
H score 38
2 unique sources, 2 articles

Summary

Hide ▲

OpenAI confirmed two employees' devices were breached, giving attackers access to a limited set of internal source code repositories and forcing a precautionary rotation of code-signing certificates. The company said customer data, production systems, and deployed software were not affected. The breach is tied to the Mini Shai-Hulud supply-chain campaign, and macOS users must update OpenAI desktop apps by June 12, 2026 to avoid launch or update issues.

Related Happenings

OpenAI ChatGPT Atlas BioShocking fix

Advisory/Mitigation
H score34 First: 01.07.2026 00:50 Last: 01.07.2026 00:50 Sources 1

About this happening: OpenAI delivered a **working fix** for **BioShocking** in **ChatGPT Atlas**, closing a prompt-injection path that could push an AI browser toward unsafe real-world actions and **c...

Poisoned Tenant OpenAI organization invite campaign

Campaign
H score35 First: 26.06.2026 20:49 Last: 26.06.2026 20:49 Sources 1

About this happening: The **Poisoned Tenant** campaign is using fraudulent **OpenAI organizations** to lure targeted employees into shared **ChatGPT workspaces**, creating a risk of sensitive company d...

OpenAI Codex codexui-android supply-chain token theft campaign

Campaign
H score48 First: 01.06.2026 12:31 Last: 01.06.2026 12:31 Sources 1

About this happening: A **malicious supply-chain campaign** is stealing **OpenAI Codex authentication tokens** from developers through the **codexui-android** npm package and mirrored Android apps, cre...

TeamPCP campaign expands across multiple victims

Campaign
H score49 First: 15.05.2026 13:54 Last: 15.05.2026 13:54 Sources 1

How related: The development comes close on the heels of TeamPCP claiming a number of fresh victims, compromising hundreds of packages associated with TanStack, UiPath, Mistral AI, OpenSearch, and Guardrails AI as part of an ongoing supply chain attack campaign designed to push malware to downstream developers and steal credentials from their systems to further extend the scale of the breaches.

About this happening: The **TeamPCP / Mini Shai-Hulud** supply-chain operation is actively compromising **hundreds of packages**, exposing **downstream developers** to **malware delivery** and **creden...

Mistral AI hit by network compromise

Incident
H score36 First: 15.05.2026 01:50 Last: 15.05.2026 01:50 Sources 1

About this happening: Mistral AI disclosed a **codebase management system compromise** tied to the **Mini Shai-Hulud** supply-chain attack, and the intrusion briefly contaminated some **SDK packages**....

Timeline

  1. 14.05.2026 22:07 2 articles · 1mo ago

    OpenAI confirms employee device breach in Mini Shai-Hulud supply-chain compromise

    Initial Disclosure

    OpenAI said two employees' devices were breached in the Mini Shai-Hulud/TanStack supply-chain compromise, with unauthorized access and credential-focused exfiltration seen in a limited subset of internal source code repositories. OpenAI said customer data, production systems, intellectual property, and deployed software were not affected, and it isolated affected systems and accounts, revoked sessions, rotated credentials across affected repositories, temporarily restricted deployment workflows, and began rotating code-signing certificates used for products on macOS, Windows, iOS, and Android.

    Show sources