Brief IA

OpenAI: Critical Update on macOS After Cyberattack

🤖 Models & LLM·Tom Levy·

OpenAI: Critical Update on macOS After Cyberattack

OpenAI: Critical Update on macOS After Cyberattack
Key Takeaways
1OpenAI was hacked on May 11 through a vulnerability in TanStack, affecting two employees.
2Although user data remains intact, an update is required on macOS to avoid potential risks.
3The application signing certificates for OpenAI on macOS will be revoked on June 12, making the update essential.
💡Why it mattersmacOS users need to update their OpenAI applications to ensure their security and avoid service interruptions.
Le brief IA que lisent les pros

Le brief IA que les pros lisent chaque soir

Les 7 actus IA du jour, décryptées en 5 min. Gratuit.

Inclus dès l'inscription : notre sélection des meilleurs guides & comparatifs IA.

Choisis ton rythme

Gratuit · Pas de spam · Désabonnement en 1 clic

📄
Full Analysis

OpenAI: Crucial Update on macOS After Cyberattack

Users of OpenAI applications on macOS, including ChatGPT, must urgently update their applications before June 12. This directive follows an official announcement from the company, confirming that two of its employees fell victim to a hacking incident on May 11. The incident was caused by a vulnerability in TanStack, a widely used open-source library for web application development. This attack, identified as a "supply chain" attack and dubbed "Mini Shai-Hulud," affected several software products.

User Data Security Assured

According to the investigation conducted by OpenAI, user data was not affected by this attack. "We have confirmed that only certain identification data was exfiltrated from these code repositories and that no other information or code was compromised," stated OpenAI. The company also clarified that no intellectual property was stolen. Although user data is secure, OpenAI has decided to ask its macOS users to proceed with an update as a precautionary measure.

Importance of Updating OpenAI Applications

The code repositories affected by this attack contain signature certificates for OpenAI products on iOS, macOS, and Windows. In response to this incident, OpenAI has decided to renew these certificates, which requires an update of OpenAI applications on macOS, but not on iOS and Windows. The affected applications include ChatGPT, Codex, Codex CLI, and Atlas (OpenAI's browser).

OpenAI plans to revoke its certificates on June 12. Versions of the applications that do not have the new certificate will be blocked by macOS security tools. "This helps prevent any risk, however small, that someone might attempt to distribute a fake application that appears to come from OpenAI," the company explained. Therefore, this update is essential to ensure user security and avoid any service interruption.

Brief IA — L'actualité IA en français

L'essentiel de l'actualité de l'intelligence artificielle, décrypté et expliqué chaque jour.