Hackers Breach OpenAI Employee Devices

Hackers compromised two OpenAI employee devices through a supply‑chain attack on the popular TanStack open‑source library, which briefly shipped 84 malicious versions designed to steal credentials and spread malware. OpenAI says attackers accessed a limited subset of internal source‑code repositories and stole some credential material, including certificates now being rotated as a precaution. The company found no evidence that user data, production systems, or software releases were affected. The incident highlights the growing wave of supply‑chain attacks where hackers infiltrate open‑source projects to distribute malware across the software ecosystem.

Read the full story on TechCrunch →