OpenAI’s GPT-5.5, GPT-5.4, and Codex are now production-ready on Amazon Bedrock with AWS governance integration, automatic capacity management, and OpenAI-aligned pricing.
An npm package disguised as an OpenAI Codex interface with 29,000 weekly downloads steals authentication tokens and enables attackers to abuse APIs under stolen identities.
Attackers have infected a popular npm package (codexui-android, ~27,000 weekly downloads) with malware that steals long-lived OpenAI tokens while successfully evading code audits and Google Play reviews.