Attackers have infected a popular npm package (codexui-android, ~27,000 weekly downloads) with malware that steals long-lived OpenAI tokens while successfully evading code audits and Google Play reviews.
Dutch authorities have taken offline a botnet with 17 million infected devices and seized more than 200 supporting servers, striking a significant blow against cybercriminal infrastructure.
Threat actors are abusing ChatGPT share links to host fake OpenAI outage pages that redirect users to download malware disguised as a ChatGPT desktop application, exploiting user trust in legitimate channels through social engineering.