Hosted on MSN

Chrome extension disguised as AI assistant expose 10K+ users OpenAI API keys

A Chrome browser extension posing as an artificial intelligence assistant is siphoning OpenAI credentials from more than 10,000 users and sending them to third-party servers. Cybersecurity platform ...

OpenAI Warns Mac Users to Update Apps After Supply-Chain Attack

OpenAI says Mac users must update ChatGPT, Codex, and Atlas apps by June 12 after an npm supply-chain attack exposed signing ...

OpenAI identifies security issue involving third-party tool, says user data was not accessed

The ChatGPT maker said it found no evidence that its user data was accessed or that its systems or intellectual property were compromised.
CSOonline

New backdoor ‘SesameOp’ abuses OpenAI Assistants API for stealthy C2 operations

Microsoft uncovers a months-long campaign where threat actors used OpenAI’s legitimate API as a covert command-and-control channel, bypassing traditional detection methods. In a newly uncovered ...