OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

June 1, 2026
No Comments

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.

The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the repository.

What

Leave a Reply Cancel reply

Threat Actors Deploy Tiflux RMM for Persistent Remote Access May 29, 2026
Threat actors are abusing legitimate RMM tools as a means of creating persistence inside victims’ systems, using the Tiflux RMM tool. Tiflux is a reputable Brazilian software platform used by IT departments and Managed Service Providers (MSPs) for managing IT assets, tickets, teams, and remote monitoring. As reported by Huntress, the campaign is using Tiflux […]
Kirsten Doyle
Building cyber resilience for mission-critical operations in 2026 May 27, 2026
For a long time, cybersecurity has been viewed as a technology-based problem, with leaders focused on crafting intelligent protective systems designed to prevent major attacks. However, as the threats faced by modern organizations grow increasingly sophisticated, agile, and unpredictable, the way teams approach cybersecurity must evolve. In a landscape where threats evolve faster than many […]
Sean Toohey
Major US telecom providers debut C2 ISAC to counter AI-driven threats May 26, 2026
Eight of the leading communications companies in the United States have created a new cybersecurity alliance that aims to improve threat intelligence sharing within the telecommunications industry, amid growing concerns about AI cyberattacks, state-sponsored espionage, and infrastructure attacks. The new cybersecurity partnership, the Communications Cybersecurity Information Sharing and Analysis Center (C2 ISAC), has been launched by eight […]
Kirsten Doyle
Passwordless security and the new identity battleground May 26, 2026
For years, passwords were the only thing that mattered for securing our online presence, but the discussion around authentication is evolving rapidly. Passkeys, biometrics, device trust, and adaptive identity management solutions are often cited as the key to the next level of security, while attackers are focusing on directly targeting our identity infrastructure. Session hijacking, […]
Kirsten Doyle
Verizon DBIR 2026: What the experts are saying May 21, 2026
According to the 2026 Verizon Data Breach Investigations Report, the threat environment is transforming in terms of speed, scale, and interconnected risk. For the first time in its history, vulnerability exploitation was identified as the top initial access vector, representing 31% of attacks, and the report found that ransomware, third-party attacks, and misuse of AI are all on the […]
Kirsten Doyle
Exploited Faster, Patched Slower: Verizon DBIR 2026 Shows Security Teams Losing Ground May 20, 2026
The Verizon 2026 Data Breach Investigations Report (DBIR) reveals a threat environment moving much faster than many organizations can reasonably protect themselves against. Based on information collected from more than 31,000 security incidents and over 22,000 confirmed data breaches spanning 145 different countries, the DBIR reveals a changing face to how attackers get in, how fast vulnerabilities are exploited, […]
Kirsten Doyle
How EM is boosting the career trajectory of VM analysts May 19, 2026
As organizations shift from vulnerability management (VM) to exposure management (EM), the role of the VM analyst must evolve or become outmoded. This necessary transition forces analysts to move beyond the job description of scanning and patching and into more strategic, business-aligned roles. AI has necessitated this change in many areas of security, from SOCs to CISOs, […]
Katrina Thompson
NCSC warns organisations not to rush into agentic AI May 19, 2026
UK’s National Cyber Security Centre (NCSC) has advised businesses to proceed with caution when considering the implementation of agent-based AI, suggesting that agentic AI represents an entirely different kind of security problem compared to generative AI. According to a recent blog post and global guidance, produced in cooperation with authorities in the US, Australia, Canada, and New Zealand, NCSC advised organisations to “learn to […]
Kirsten Doyle
7-Eleven Notifies Franchise Applicants After Breach Exposes Personal Data May 19, 2026
A security breach notification process has been initiated by 7-Eleven as a result of a security incident where an outside party was able to gain access to their systems containing franchisers’ information. According to a breach notification filed with the state of Maine, the company discovered that threat actors accessed some of its internal systems on 8 April 2026. The company claims that […]
Kirsten Doyle
OpenAI rotates certificates after TanStack supply chain attack hits employee devices May 18, 2026
OpenAI has confirmed that two employee devices were compromised in the recent TanStack npm supply chain attack, prompting the company to rotate code-signing certificates and require macOS users to update their applications by 12 June. In a security advisory published this week, the company said it found no evidence that customer data, production systems, or intellectual property were accessed […]
Kirsten Doyle

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Critical WP Maps Pro Flaw Actively Exploited to Create Admin Accounts

The Security Growth Platform: Why MSPs Are Moving Beyond vCISO Tools

Leave a Reply Cancel reply

[email protected]

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Share :

Leave a Reply Cancel reply