otherMay 13
Our response to the TanStack npm supply chain attack
OpenAI responded to the TanStack Mini Shai-Hulud npm supply chain attack by securing systems, updating signing certificates, and requiring macOS users to update OpenAI apps by June 12, 2026. The attack exploited a vulnerability in a third-party library. OpenAI took steps to protect against similar threats. You should assess your own dependencies for vulnerabilities.
Key takeaways
- OpenAI secured systems and updated signing certificates post-attack.
- macOS users must update OpenAI apps by June 12, 2026.
- Attack exploited a third-party library vulnerability.