UPDATE: TeamPCP / Mini Shai-Hulud — OpenAI named as victim; code-signing certificate rotation enforced for all macOS apps
From CTI Daily Brief — 2026-05-15 · published 2026-05-15 · view item permalink →
UPDATE (originally covered 2026-05-13): OpenAI disclosed on approximately 2026-05-13 that two employee devices were compromised through the TanStack npm supply-chain attack (Mini Shai-Hulud / TeamPCP, first covered in this brief series on 2026-05-12 and 2026-05-13) and that the compromise affected OpenAI's macOS code-signing certificates (TechCrunch, 2026-05-14 · The Record, 2026-05-14).
The attackers exfiltrated "limited credential material" from internal source code repositories accessible to the two affected employees; OpenAI states no customer data, production systems, or core intellectual property were accessed. Critically, the certificate used to sign OpenAI's macOS desktop applications (ChatGPT for macOS and related apps) was among the compromised material, triggering an emergency certificate rotation. OpenAI is requiring all macOS app users to update to the latest version before June 12, 2026, after which older builds will lose functionality and macOS Gatekeeper notarization will block apps signed with the compromised certificate. Enterprise MDM administrators with OpenAI macOS apps in their managed fleet should push a forced update immediately. Threat attribution is unofficially assessed as TeamPCP (the same actor behind the broader TanStack worm), consistent with prior reporting on the actor's OIDC token theft and credential exfiltration goals.