16:40
2026-07-01
orionpolicy.org
ai-tools
OpenAI Codex Authentication Tokens Stolen in Supply Chain Attack
A malicious npm package called codexui-android stole OpenAI Codex authentication tokens from developers in a supply chain attack. The package, which had over 29,000 weekly downloads and was also bundlβ¦