OpenAI said a compromised Axios package reached a GitHub Actions workflow used in its macOS app-signing pipeline. The company said it found no evidence of user data or product compromise, but is rotating certificates and requiring users to update macOS apps.
#macos
OpenAI said on April 10, 2026 that a compromised Axios package touched a GitHub Actions workflow used in its macOS app-signing pipeline. The company says no user data, systems, or software were compromised, but macOS users need updated builds signed with a new certificate before May 8, 2026.
OpenAI said a malicious Axios 1.14.1 package was executed in a GitHub Actions workflow used for macOS app signing. The company says it found no evidence of user-data exposure or tampered apps, but it is rotating certificates and requiring macOS users to update ChatGPT Desktop, Codex App, Codex CLI, and Atlas before May 8, 2026.
A 440-point Show HN thread put Ghost Pepper, a menu-bar macOS app that records on Control-hold and transcribes locally, into the agent-tooling conversation because its speech and cleanup stack stays on-device.
Agent Safehouse is an open-source macOS hardening layer that uses sandbox-exec to confine local coding agents to explicitly approved paths instead of inheriting a developer account’s full access.
A popular Hacker News post highlighted Agent Safehouse, a macOS tool that wraps Claude Code, Codex and similar agents in a deny-first sandbox using sandbox-exec. The project grants project-scoped access by default, blocks sensitive paths at the kernel layer, and ships as a single Bash script under Apache 2.0.
Anthropic's Claude Code Cowork (multi-agent collaboration) feature was found to create a ~10GB VM bundle on macOS using Apple's Virtualization Framework without warning users. The GitHub issue garnered 200+ points on Hacker News.