A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks.
This article has been indexed from Hackread – Cybersecurity News, Data Breaches, AI and More
Read the original article: 27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens. The post appeared first on IT Securit…
A tampered npm package inside a popular developer tool silently steals long-lived authentication tokens from OpenAI developers. Security researcher Charlie Eriksen of Aikido Security uncovered a campaign in which malicious code was planted in a popular developer tool for OpenAI Codex. The affected package is a legitimate npm package called codexui-android, which serves as a remote control interface for developers and recorded around 27,000 downlo…
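The first thing a practitioner wants after reading a report like this is a quick sweep of their own projects for the named package, including copies nested under other dependencies, which a top-level `package.json` grep would miss. The script below is an added example, not code from the article or from Aikido Security: it parses an npm lockfile (lockfileVersion 2 or 3, which carry a `packages` map) and reports every install path and version of a target package. The lockfile content and the version numbers in it are constructed for illustration; only the package name comes from the article. Because the article does not say which versions carry the malicious code, the script reports every install it finds and leaves the version comparison to the reader.

```javascript
// Added example (not from the article): find every install of a named npm
// package in a package-lock.json, including nested node_modules copies.
// Works on lockfileVersion 2 and 3, which expose a "packages" map keyed by
// install path; lockfileVersion 1 (no "packages" map) is rejected explicitly.

// Constructed sample lockfile for illustration. The package name comes from
// the article; the versions, the "some-tool" parent and "left-pad" are assumed.
const SAMPLE_LOCKFILE = JSON.stringify({
  name: "example-app",
  lockfileVersion: 3,
  packages: {
    "": {
      name: "example-app",
      dependencies: { "codexui-android": "^1.0.0", "left-pad": "^1.3.0" },
    },
    "node_modules/codexui-android": {
      version: "1.2.3",
      resolved: "https://registry.npmjs.org/codexui-android/-/codexui-android-1.2.3.tgz",
    },
    "node_modules/left-pad": { version: "1.3.0" },
    // Nested copy pulled in transitively; a top-level package.json check misses this.
    "node_modules/some-tool/node_modules/codexui-android": { version: "1.2.4" },
  },
});

// Derive the package name from an install path such as
// "node_modules/a/node_modules/@scope/pkg" -> "@scope/pkg".
function packageNameFromPath(installPath) {
  const marker = "node_modules/";
  const idx = installPath.lastIndexOf(marker);
  return idx === -1 ? installPath : installPath.slice(idx + marker.length);
}

// Return [{ path, version, resolved }] for every install of `target`.
function findPackage(lockfileText, target) {
  const lock = JSON.parse(lockfileText);
  if (!lock.packages || typeof lock.packages !== "object") {
    throw new Error(
      "unsupported lockfile: no 'packages' map (lockfileVersion 1?); regenerate with a current npm"
    );
  }
  const hits = [];
  for (const [installPath, meta] of Object.entries(lock.packages)) {
    if (installPath === "") continue; // root project entry, not a dependency
    // Aliased installs carry an explicit "name"; otherwise use the path.
    const name = meta.name || packageNameFromPath(installPath);
    if (name === target) {
      hits.push({
        path: installPath,
        version: meta.version,
        resolved: meta.resolved || null,
      });
    }
  }
  return hits;
}

// Stand-alone run against the constructed sample.
for (const hit of findPackage(SAMPLE_LOCKFILE, "codexui-android")) {
  console.log(`${hit.path}  version=${hit.version}  resolved=${hit.resolved}`);
}
```

To run it against a real project, read the lockfile from disk and pass its text to `findPackage`; any hit is a prompt to compare the reported version against the published advisory and, if it matches, to rotate the OpenAI credentials that were reachable from that machine, since a stolen refresh token stays valid until it is revoked.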