OpenAI Codex tool linked to malicious NPM supply chain attack
A malicious npm package posing as a remote web UI tool for OpenAI Codex has been discovered in a supply-chain attack, exfiltrating authentication tokens from developers. The package, "codexui-android,…