On May 11, 2026, a supply chain attack named Mini Shai-Hulud compromised TanStack, a widely used open-source library, and found its way onto two OpenAI employee devices. The AI was fine. The humans had a more eventful week.
Two employee devices were compromised while building the thing that cannot be compromised. This is, structurally, a very human problem.
What happened
The malware behaved exactly as its public documentation said it would, which is a level of honesty not always associated with threat actors. It accessed a limited subset of internal source code repositories and exfiltrated a small amount of credential material from those repositories.
Signing certificates for OpenAI's iOS, macOS, and Windows applications were among the affected materials. Not used maliciously — at least, not yet, and not detectably — but present in the blast radius.
A third-party forensics firm was engaged to confirm what OpenAI already suspected: the damage was contained. Customer data was untouched. Intellectual property remained intact. The incident closed as tidily as these things ever do.
Why the humans care
Code-signing certificates are, in effect, the digital equivalent of a wax seal on a royal letter. If someone else has yours, they can make a fake letter that looks real. OpenAI is rotating all affected certificates before that hypothetical becomes a news story of its own.
macOS users have until June 12, 2026 to update their OpenAI applications — ChatGPT Desktop, Codex App, Codex CLI, and Atlas — or risk being locked out as the old certificates expire. The update is available in-app or through official links. This is the sort of maintenance that separates the attentive from the surprised.
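The mechanics behind that deadline are worth seeing in code. The following Go program is an added illustration, not OpenAI's code or the actual Apple/Microsoft signing machinery: it models a client-side trust store in which a compromised signing key is given a hard cutoff, new builds are signed with a replacement key, and old builds stop verifying once the cutoff passes. The key IDs, payloads and the "release-2025"/"release-2026" names are constructed for the example; the June 12, 2026 date is the one from the article. Ed25519 stands in for the certificate-based signature schemes the real platforms use.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"time"
)

// SigningKey is one release-signing identity, standing in for a
// code-signing certificate. The private half is what an attacker
// would take from a compromised repository.
type SigningKey struct {
	ID      string
	Public  ed25519.PublicKey
	private ed25519.PrivateKey
}

// NewSigningKey generates a fresh Ed25519 key pair under the given ID.
func NewSigningKey(id string) (*SigningKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &SigningKey{ID: id, Public: pub, private: priv}, nil
}

// TrustRecord is what a client's verifier knows about one key.
// A zero NotAfter means the key is trusted without a cutoff.
type TrustRecord struct {
	Public   ed25519.PublicKey
	NotAfter time.Time
}

// TrustStore maps key IDs to trust records (the client-side trust list).
type TrustStore map[string]TrustRecord

// Add trusts a key with no expiry.
func (s TrustStore) Add(k *SigningKey) { s[k.ID] = TrustRecord{Public: k.Public} }

// Rotate keeps the old key working until cutoff so already-shipped builds
// can be replaced, then distrusts it; the new key is trusted immediately.
func (s TrustStore) Rotate(oldID string, cutoff time.Time, newKey *SigningKey) {
	if rec, ok := s[oldID]; ok {
		rec.NotAfter = cutoff
		s[oldID] = rec
	}
	s.Add(newKey)
}

// SignedArtifact is an app build with its detached signature.
type SignedArtifact struct {
	Name    string
	Payload []byte
	KeyID   string
	Sig     []byte
}

// signingInput length-prefixes name, key ID and payload into one message
// so none of them can be swapped without invalidating the signature.
func signingInput(name, keyID string, payload []byte) []byte {
	var buf bytes.Buffer
	for _, part := range [][]byte{[]byte(name), []byte(keyID), payload} {
		binary.Write(&buf, binary.BigEndian, uint32(len(part)))
		buf.Write(part)
	}
	return buf.Bytes()
}

// Sign produces a signed artifact with the given key.
func Sign(k *SigningKey, name string, payload []byte) SignedArtifact {
	msg := signingInput(name, k.ID, payload)
	return SignedArtifact{Name: name, Payload: payload, KeyID: k.ID, Sig: ed25519.Sign(k.private, msg)}
}

// Verify reports whether a client holding the trust store should accept
// the artifact at time now, plus a reason when it should not. The artifact
// carries no trusted timestamp: once a key is stolen, anything it claims
// about when it signed is worthless, so the cutoff is enforced against the
// verifier's clock rather than anything inside the artifact.
func Verify(s TrustStore, a SignedArtifact, now time.Time) (bool, string) {
	rec, ok := s[a.KeyID]
	if !ok {
		return false, "unknown signing key " + a.KeyID
	}
	if !rec.NotAfter.IsZero() && !now.Before(rec.NotAfter) {
		return false, "signing key " + a.KeyID + " rotated out at " + rec.NotAfter.Format(time.RFC3339)
	}
	if !ed25519.Verify(rec.Public, signingInput(a.Name, a.KeyID, a.Payload), a.Sig) {
		return false, "bad signature"
	}
	return true, "ok"
}

func main() {
	oldKey, _ := NewSigningKey("release-2025") // constructed IDs, not a vendor's real ones
	newKey, _ := NewSigningKey("release-2026")
	store := TrustStore{}
	store.Add(oldKey)

	oldBuild := Sign(oldKey, "desktop-app", []byte("constructed build bytes v1"))
	cutoff := time.Date(2026, 6, 12, 0, 0, 0, 0, time.UTC) // the deadline named in the article
	store.Rotate(oldKey.ID, cutoff, newKey)
	newBuild := Sign(newKey, "desktop-app", []byte("constructed build bytes v2"))

	for _, now := range []time.Time{cutoff.Add(-24 * time.Hour), cutoff.Add(24 * time.Hour)} {
		for _, a := range []SignedArtifact{oldBuild, newBuild} {
			ok, why := Verify(store, a, now)
			fmt.Printf("%s signed by %s, checked %s: %v (%s)\n", a.Name, a.KeyID, now.Format("2006-01-02"), ok, why)
		}
	}
	tampered := oldBuild // a modified payload fails even under a still-trusted key
	tampered.Payload = []byte("something else")
	ok, why := Verify(store, tampered, cutoff.Add(-24*time.Hour))
	fmt.Println("tampered build:", ok, why)
}
```

The grace window is the design point: an updater signed with the old key must still be accepted long enough for users to fetch a build signed with the new one, which is exactly why the article gives a date rather than an instant revocation. Real platforms layer certificate chains, revocation lists and notarization on top of this, but the shape of the decision is the same.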
What happens next
OpenAI has isolated the affected systems, revoked sessions, rotated credentials, and temporarily restricted code-deployment workflows. The remediation checklist is complete. The irony that the world's most advanced AI lab was briefly inconvenienced by a JavaScript package manager is noted, filed, and left without further comment.
The certificates will be rotated. The apps will be updated. And the project of building artificial general intelligence will continue, undisturbed, on slightly cleaner hardware.