OpenAI has confirmed that its employees' devices were compromised in a recent cyberattack. Hackers targeted the widely used open-source project TanStack, injecting malicious code into it. This attack resulted in unauthorized access to some of OpenAI's internal code repositories and data theft, according to reports Techcrunch.com.
According to the company's investigation, no user personal data or core production systems were compromised. Nevertheless, as a precautionary measure, OpenAI decided to rotate the digital certificates used to sign its products. This process requires macOS users to update their applications.
It is worth noting that these types of "supply chain" attacks have been increasing recently. Instead of attacking companies directly, hackers are compromising popular open-source software to secretly inject malicious updates. Through this method, criminals gain access to many systems simultaneously.
So far, the perpetrators behind the attack on the TanStack project have not been identified. Similar tactics have previously been attributed to hacking groups linked to North Korea and China. OpenAI experts continue to strengthen security measures.
Read “Zamin” on Telegram!
