OpenAI updates macOS app security after Axios developer-tool compromise

OpenAI said on April 10, 2026, that it is updating the security certifications behind its macOS desktop apps after a compromise involving the third-party developer tool Axios. The company said it found no evidence that user data was accessed, its systems or intellectual property were compromised, or its software was altered, but it is still requiring Mac users to update to the latest versions of its desktop apps.

OpenAI moves to reissue trust for ChatGPT and Codex on macOS

The company said the change is meant to protect the process that certifies OpenAI’s macOS applications as legitimate software. That matters because desktop AI apps are now part of the company’s everyday product surface, not just a browser-based interface, and the trust chain around those apps has become a practical security issue.

OpenAI said users can update through an in-app prompt or through official download links for the ChatGPT Desktop and Codex apps. The company also warned users to be cautious of unexpected installers labeled OpenAI, ChatGPT or Codex that arrive through email, text messages, chat threads, ads, file-sharing links, or third-party download sites.

No evidence of customer-data exposure, but the update is mandatory

OpenAI framed the move as a precautionary response to a broader industry incident rather than a direct breach of its own systems. Even so, the company said older versions of its macOS desktop apps will stop receiving updates and support on May 8, 2026, and may no longer function after that date.

That creates a clear operational deadline for users who rely on OpenAI’s desktop software for day-to-day work. It also shows how supply-chain problems can ripple outward from a third-party tool into end-user software distribution, even when the affected vendor says its own systems were not compromised.

Why the desktop channel now matters as much as the model layer

The timing is notable because OpenAI has been steadily pushing more usage through dedicated desktop apps, especially for workflows that blend chat, coding, and local productivity. In that setting, a certificate update is not just a back-end security note; it is part of keeping the desktop channel trustworthy as the company expands how people install and use its software.

For OpenAI, the immediate task is simple: get Mac users onto current builds before support lapses on May 8, 2026. For users, the implication is equally direct: if the app is not current, it may stop being a reliable path into OpenAI’s tools.