#axios

OpenAI said a compromised Axios package reached a GitHub Actions workflow used in its macOS app-signing pipeline. The company said it found no evidence of user data or product compromise, but is rotating certificates and requiring users to update macOS apps.

StepSecurity’s March 31, 2026 disclosure turned a pair of malicious axios releases into a high-priority ecosystem warning. The affected packages used a fake dependency and a postinstall path to deliver a cross-platform RAT dropper.