A North Korean-linked supply chain attack on the Axios npm library compromised OpenAI's macOS code-signing workflow, exposing certificates for ChatGPT Desktop, Codex, and Atlas. Users must update before May 8 or face app lockout.
#macos
HN liked the hack, but the real excitement was infrastructure. Cua’s background macOS driver keeps the cursor, focus, and Space in place while an agent works inside another app.
OpenAI said a compromised Axios package reached a GitHub Actions workflow used in its macOS app-signing pipeline. The company said it found no evidence of user data or product compromise, but is rotating certificates and requiring users to update macOS apps.
OpenAI said on April 10, 2026 that a compromised Axios package touched a GitHub Actions workflow used in its macOS app-signing pipeline. The company says no user data, systems, or software were compromised, but macOS users need updated builds signed with a new certificate before May 8, 2026.
A 440-point Show HN thread put Ghost Pepper, a menu-bar macOS app that records on Control-hold and transcribes locally, into the agent-tooling conversation because its speech and cleanup stack stays on-device.
Agent Safehouse is an open-source macOS hardening layer that uses sandbox-exec to confine local coding agents to explicitly approved paths instead of inheriting a developer account’s full access.
A popular Hacker News post highlighted Agent Safehouse, a macOS tool that wraps Claude Code, Codex and similar agents in a deny-first sandbox using sandbox-exec. The project grants project-scoped access by default, blocks sensitive paths at the kernel layer, and ships as a single Bash script under Apache 2.0.
Anthropic's Claude Code Cowork (multi-agent collaboration) feature was found to create a ~10GB VM bundle on macOS using Apple's Virtualization Framework without warning users. The GitHub issue garnered 200+ points on Hacker News.