OpenAI has confirmed that two of its employees had their devices affected by a recent supply chain attack that targeted open-source software projects used by many companies.

The company said its investigation found no evidence that user data was accessed, production systems or intellectual property were compromised, or its software was altered.

The incident is linked to an earlier attack on TanStack, a popular open-source library used by developers to build web applications. TanStack disclosed the attack on Monday and said hackers managed to publish 84 malicious versions of its software within a six-minute window. According to the project’s postmortem, a researcher detected the attack within 20 minutes.

The malicious versions of TanStack contained malware designed to steal credentials from computers where the software was installed. The malware was also built to self-propagate, allowing it to spread to other systems.

OpenAI said the attack led to unauthorized access and theft of credentials from a limited number of internal source code repositories that the two affected employees could access. The company said only limited credential material was taken from those repositories.

As a precaution, OpenAI is rotating digital certificates that were present in the affected repositories and used to sign some of its products. The company said this step will require macOS users to update the OpenAI app, but added that it found no evidence of compromise or risk to existing software installations.

It is still unclear who was behind the TanStack attack. Some recent supply chain attacks have been linked to a hacking group known as TeamPCP, though other groups have used similar tactics against software projects.


Earlier this year, North Korean hackers reportedly hijacked Axios, a widely used open-source development tool, and pushed malware that could have affected millions of developers. In May, Chinese hackers were also accused of carrying out a similar campaign against Windows computers running the disc-imaging software Daemon Tools.

These attacks show how hackers are increasingly targeting open-source projects instead of going after individual companies directly. By taking over trusted software libraries and pushing malware through normal-looking updates, attackers can potentially reach many organizations with a single compromise.
