TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

By rooter

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.

The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the repository.

What

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

rooter
Cyber Security

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

rooter
Cyber Security

Dutch Authorities Dismantle Botnet Linked to 17 Million Infected Devices

rooter

Leave a Reply

You Missed

News

CVE-2026-8732: The WP Maps Pro Flaw That Lets Anyone Create a WordPress Admin Without a Password

News

90 New Sci-Fi, Fantasy, and Horror Books Arriving in June

News

An OpenAI model solved a famous math problem that stumped humans for 80 years

News

Surprise, ‘Masters of the Universe’ is Coming to IMAX