{"id":8280,"date":"2026-06-01T11:12:03","date_gmt":"2026-06-01T11:12:03","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/06\/01\/openai-codex-authentication-tokens-stolen-in-codexui-android-npm-supply-chain-attack\/"},"modified":"2026-06-01T11:12:03","modified_gmt":"2026-06-01T11:12:03","slug":"openai-codex-authentication-tokens-stolen-in-codexui-android-npm-supply-chain-attack","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/06\/01\/openai-codex-authentication-tokens-stolen-in-codexui-android-npm-supply-chain-attack\/","title":{"rendered":"OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack"},"content":{"rendered":"

\u200bCybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.<\/p>\n

The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the repository.<\/p>\n

What\u00a0Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.<\/p>\n

The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the repository.<\/p>\n

What\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"

\u200bCybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from… Read More »OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":8281,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8280"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=8280"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/8280\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/8281"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=8280"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=8280"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=8280"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}