
‘New Money’ Ripple (XRP) Ranked Ahead of Revolut, Perplexity in Prestigious CNBC List
Ripple (XRP) is now 16th in CNBC's disruptor companies list for 2026, surpassing Revolut!

OpenAI confirmed a security breach linked to the Shai-Hulud malware campaign, affecting two employee devices and a few internal code storage systems. No customer data or core systems were compromised.
Mentioned in this story
OpenAI confirmed this week that hackers tied to the Shai-Hulud malware campaign breached parts of its internal development environment through a compromised open-source software package. The incident follows similar disclosures from Mistral AI as hackers increasingly target software tools used to build AI models and applications.
In a blog post on Wednesday, OpenAI said hackers compromised TanStack npm, a software tool developers use to download and manage coding packages. The company said malware infected two employee devices, and gave attackers access to a small number of internal code storage systems before OpenAI stopped the activity.
“We observed activity consistent with the malware’s publicly described behavior, including unauthorized access and credential-focused exfiltration activity, in a limited subset of internal source code repositories to which the two impacted employees had access,” OpenAI wrote.
The company said it found no evidence that customer data, production systems, or intellectual property were compromised.
OpenAI said the impacted repositories included code-signing certificates used for products on macOS, Windows, and iOS. Those certificates help operating systems verify that software actually comes from a trusted company and has not been altered.
“As a result, we are rotating code-signing certificates as a precaution, which will require macOS users to update their applications,” the company said. “Users do not need to take any action for Windows and iOS apps. Additional guidance will be provided to macOS users regarding these required updates.”
OpenAI said macOS users must update OpenAI apps before June 12. Older versions signed with the previous certificates may stop functioning after that date.
OpenAI did not immediately respond to a request for comment by Decrypt.
The disclosure follows reports earlier this week involving Microsoft and French AI startup Mistral AI tied to the same broader malware campaign.
On Monday, Microsoft Threat Intelligence said attackers inserted malicious code into a Mistral AI software package distributed through PyPI, a platform developers use to download Python software tools. According to Microsoft, the malware downloaded another malicious file designed to resemble Hugging Face’s popular Transformers library, so it would blend into AI development environments.
The Shai-Hulud malware campaign is a hacking effort that targets software tools used in AI development, recently affecting companies like OpenAI and Mistral AI.
The breach occurred through a compromised open-source software package, specifically the TanStack npm tool used for managing coding packages.
No, OpenAI stated that there is no evidence that customer data, core systems, or company technology were affected by the breach.

Ripple (XRP) is now 16th in CNBC's disruptor companies list for 2026, surpassing Revolut!

Non-dollar stablecoins see supply growth but lose market share

Bitcoin's price has fallen to $77,000, but its implied volatility stays low at 42%. What does this mean for traders?

Pi Network's major update is delayed and PI price recovery has stalled below key support levels.

XRP drops to $1.35 after failing to break $1.50 resistance. Analysts warn of potential further declines.

JPMorgan reports Bitcoin is significantly outperforming Ethereum and altcoins.
See every story in Crypto — including breaking news and analysis.
OpenAI said the attacks highlight growing risks across the tech industry.
“This incident reflects a broader shift in the threat landscape: Attackers are increasingly targeting shared software dependencies and development tooling rather than any single company,” they wrote.