Breach404
Secure Software · 2 min read · June 1, 2026

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

A malicious npm package named codexui-android was used to steal OpenAI Codex authentication tokens from developers who installed it, representing a serious supply chain attack on a widely used development tool. You should immediately audit your npm depend
