ChatGPT Mac app security update forces every Mac user to refresh by 12 June

ChatGPT Mac app security update forces every MacBook user to refresh by 12 June 2026 after Mini Shai-Hulud TanStack npm compromise hits OpenAI devs.

The ChatGPT Mac app security update is the most important thing macOS users need to apply this month. OpenAI confirmed on 14 May 2026 that two of its employee devices were compromised in the Mini Shai-Hulud supply-chain attack on the TanStack npm packages, forcing the company to revoke its macOS signing certificates and require every Mac user to update by 12 June.

Key facts
  • OpenAI says two employee devices were impacted by the Mini Shai-Hulud TanStack npm compromise on 11 May 2026.
  • ChatGPT, Codex App, Codex CLI and ChatGPT Atlas all require a signed update before 12 June 2026 to keep running on macOS.
  • OpenAI states no user data was accessed and no production systems were compromised; only limited credential material left the affected machines.
  • iOS, Windows, Linux and web ChatGPT users are not affected by the ChatGPT Mac app security update.

Why the ChatGPT Mac app security update matters for every MacBook user

This is the second forced ChatGPT Mac app security update in five weeks. OpenAI already pushed a precautionary refresh on 10 April after the Axios developer-tool compromise. May’s incident is broader: Mini Shai-Hulud is a self-spreading worm that, between 19:20 and 19:26 UTC on 11 May, published 84 malicious versions across 42 @tanstack/* npm packages by combining a “Pwn Request” pattern with GitHub Actions cache poisoning and runtime OIDC token extraction. Two OpenAI engineers had local checkouts; their device credentials leaked.

In practice, from 12 June macOS Gatekeeper will block any build older than ChatGPT Desktop 1.2026.125, Codex App 26.506.31421, Codex CLI 0.130.0 or Atlas 1.2026.119.1. Apple’s notarisation system relies on the developer certificate that signed the binary, and OpenAI has now revoked every certificate that touched a TanStack version during the malicious window. Users running an older MacBook Pro on the macOS 26.5 update will simply see ChatGPT refuse to launch.
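
A local check against the version floors quoted above, as an added example (not OpenAI's or MTW's code). It assumes the versions order as dotted integers and that the apps sit at the bundle paths shown; both are assumptions to adjust for your fleet.

```sh
# Added example. Version floors are the ones quoted in the article;
# dotted-integer ordering of those versions is an assumption.
min_version_for() {
    case $1 in
        chatgpt)   echo 1.2026.125 ;;
        codex-app) echo 26.506.31421 ;;
        codex-cli) echo 0.130.0 ;;
        atlas)     echo 1.2026.119.1 ;;
        *) return 1 ;;
    esac
}

# version_lt A B: 0 if A < B, 1 if A >= B, 2 if either is not dotted digits.
version_lt() {
    for arg in "$1" "$2"; do
        case $arg in ''|*[!0-9.]*) return 2 ;; esac
    done
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}          # leading component; missing ones count as 0
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
        [ "${x:-0}" -lt "${y:-0}" ] && return 0
        [ "${x:-0}" -gt "${y:-0}" ] && return 1
    done
    return 1
}

# classify PRODUCT VERSION -> ok | update-required | unknown
classify() {
    min=$(min_version_for "$1") || { echo unknown; return 0; }
    rc=0; version_lt "$2" "$min" || rc=$?
    case $rc in 0) echo update-required ;; 1) echo ok ;; *) echo unknown ;; esac
}

# audit_app PRODUCT BUNDLE: report version status, signer and Gatekeeper verdict.
audit_app() {
    [ -d "$2" ] || { echo "$1: not found at $2"; return 0; }
    ver=$(/usr/libexec/PlistBuddy -c 'Print :CFBundleShortVersionString' \
          "$2/Contents/Info.plist" 2>/dev/null) || ver='?'
    echo "$1 $ver: $(classify "$1" "$ver")"
    codesign -dvv "$2" 2>&1 | grep -E '^(Authority|TeamIdentifier)=' || true
    spctl --assess --type execute -v "$2" 2>&1 || true
}
if [ "$(uname -s)" = Darwin ]; then    # bundle paths below are assumed defaults
    audit_app chatgpt   "/Applications/ChatGPT.app"
    audit_app codex-app "/Applications/Codex.app"
    audit_app atlas     "/Applications/ChatGPT Atlas.app"
fi
```

A version that is not purely dotted digits is reported as `unknown` rather than guessed at, so pre-release or renamed builds get a manual look.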

How the ChatGPT Mac app security update reaches your device

OpenAI is shipping the ChatGPT Mac app security update through the existing in-app updater. Open the app, click your profile, choose “Check for updates” and accept the prompt — the new binary is signed with a freshly issued certificate. The Codex App and Codex CLI updates go through the same channel for paid developer subscribers. Atlas, OpenAI’s young Mac browser, ships via its own self-updater but follows the same revocation logic. None of this affects ChatGPT on iOS, iPadOS, Windows or the web client; the supply-chain compromise only touched the macOS signing pipeline.

If you ignored OpenAI’s 8 May email warning, you are not yet locked out. The new certificates are valid from today, and old certificates remain active until 12 June. After that date, macOS will quietly fail the signature check and refuse to open the app. The fix is identical to AppleInsider’s earlier troubleshooting guide: trash the old build, download fresh from chatgpt.com or the Mac App Store, and re-authenticate. Codex CLI users can run “brew upgrade codex” or pull the new tarball from OpenAI’s release page.

What the ChatGPT Mac app security update tells us about AI supply chains

| Incident | Date | MTW read |
|---|---|---|
| Axios npm compromise | 31 March 2026 | First forced ChatGPT Mac app security update; OpenAI rotated certs. |
| Mini Shai-Hulud (TanStack) | 11 May 2026 | Second forced rotation in 41 days. Two OpenAI dev machines compromised. |
| Mini Shai-Hulud (Mistral, UiPath) | 11 May 2026 | 169 npm packages hit; AI labs are now a primary attack surface. |

Two compromises in six weeks is not a coincidence. AI labs are an attractive target precisely because they ship signed desktop binaries that millions of users execute with elevated permissions. The pattern of npm worms hitting developer toolchains is on the rise: every major Anthropic and OpenAI build pipeline depends on hundreds of upstream packages, and Mini Shai-Hulud’s automation specifically targets CI/CD secrets. That is why the YubiKey ChatGPT security rollout in late April was timely; account-level credentials and machine-level credentials now demand the same hardware-rooted protection.

What UK MacBook owners should do about the ChatGPT Mac app security update

If you are a UK ChatGPT Plus, Pro or Business user on a MacBook Pro, MacBook Air, Mac mini or Mac Studio, take five minutes today. Update ChatGPT to the latest build, restart, and confirm the app opens normally. If you also use Codex CLI for development workflows, pull the new binary now rather than mid-deadline. Enterprise admins can pre-stage the new versions through Jamf or Kandji — OpenAI publishes the pkg installers on its enterprise console.

For broader hygiene, this is the moment to revisit your AI account security posture. Apple’s security advisories page already tracks one actively exploited zero-day for 2026, and the ChatGPT Mac app security update is the second forced cert rotation OpenAI has issued. Hardware-backed passkeys on your AI accounts, FileVault on your Mac, and only installing AI binaries direct from the vendor — not from re-hosted DMG mirrors — are the basics that mattered yesterday and matter more today.

MTW verdict

Apply the ChatGPT Mac app security update today, not on 11 June. OpenAI has handled the Mini Shai-Hulud incident professionally — fast disclosure, clear remediation, no spin — but two forced rotations in six weeks shows AI desktop apps are now a soft underbelly of the supply chain. Treat them like security software, not chat clients.
