OpenAI says hackers stole some data after latest code security issue

A recent supply-chain attack compromised open source projects (notably TanStack), where attackers published 84 malicious versions in a short window containing credential-stealing and self-propagating malware; OpenAI reported two employees' devices were impacted and that limited credential material was stolen from internal repositories, prompting precautionary certificate rotations. The report situates this incident among a string of similar supply-chain compromises affecting widely used developer tools and software.