The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...

OpenAI launches role-specific plugins for Codex

OpenAI ( OPENAI) has introduced role-specific plugins, including for finance and marketing, for Codex. The company introduced ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...

Malicious npm package targeting OpenAI Codex users steals authentication tokens

The tool gathered over 29,000 downloads before the malicious npm package was identified ...
GitHub

Codex 101 — OpenAI Codex Complete Guide

The live site displays the viewer's current date automatically and reflects the latest Codex model guidance reviewed from official docs. Codex 101 is a comprehensive guide to OpenAI's coding agent ...
The Hacker News

GitHub | Breaking Cybersecurity News | The Hacker News

A security researcher found a flaw in Anthropic's Claude Code GitHub Action that let an attacker take over vulnerable public repositories running it, with nothing more than a single opened GitHub ...