
OpenAI Codex Tokens Stolen in npm Supply Chain Attack

In a nutshell: An npm package disguised as an OpenAI Codex interface with 29,000 weekly downloads steals authentication tokens and enables attackers to abuse APIs under stolen identities.

Security researchers have disclosed a supply chain attack in which an npm package named codexui-android, disguised as a legitimate remote UI for OpenAI Codex, harvests OpenAI authentication tokens from developers. The package has been downloaded over 29,000 times per week and remains available.

The npm package codexui-android was presented as a remote web user interface for OpenAI Codex and hosted on GitHub and npm. The high download rate of over 29,000 downloads per week indicates broad distribution among developers seeking to integrate Codex functionality.

For CISOs and security officers, this attack poses a critical threat: stolen OpenAI authentication tokens enable attackers to access OpenAI APIs under the identities of legitimate developers. This not only allows unauthorized use of services, but potentially also access to sensitive content and models managed via the APIs. In organizations whose internal systems rely on these tokens, their abuse can expose proprietary codebases as well.

The ongoing availability of the package in the repository suggests that the compromise may not have been fully remediated. Organizations should immediately check whether codexui-android is present in their dependencies and invalidate all associated OpenAI API keys. In addition, OpenAI API access logs should be reviewed to rule out unauthorized access.


Source: thehackernews.com · Published June 1, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification via Lumi News Pipeline v1.2.8.
