OpenAI Expands Daybreak With GPT-5.5-Cyber to Help Defenders Patch Security Flaws

OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial intelligence AI company announced last month. Calling GPT‑5.5‑Cyber its "strongest model yet for finding and helping patch software...

EUVD-2026-36302

CodexBar before 0.33.0 contains a credential forwarding vulnerability that allows network-adjacent attackers to intercept sensitive credentials by issuing cross-origin or HTTP-downgrade redirects to the shared ProviderHTTPClient transport. Attackers can redirect credentialed provider requests...

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Cybersecurity researchers have disclosed details of a new malicious supply chain campaign that's targeting developers using OpenAI Codex through a legitimate-looking remote web UI. The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting ove...

27,000-Download Codex UI Tool Secretly Stole OpenAI Refresh Tokens

A malicious Codex UI npm package with 27,000 weekly downloads was caught exfiltrating OpenAI refresh tokens, exposing developers to account takeover risks...

Malicious code in codex-devcontainer-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8248bf278df1e89da484099e912cdf9f8659976469a219bee14a03e2755391ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2026-5062 Malicious code in codex-devcontainer-install (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8248bf278df1e89da484099e912cdf9f8659976469a219bee14a03e2755391ce Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview codexui-android is a malicious package. offering a remote web UI for OpenAI Codex, secretly stealing Codex OAuth credentials. Malicious code exists only in published npm builds—not in the public GitHub repo—and runs at import time, reading /.codex/auth.json, XOR-encrypting it, and POSTin...

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI has launched Daybreak , a new cybersecurity initiative that brings together frontier artificial intelligence AI model capabilities and Codex Security to help organizations identify and patch vulnerabilities before attackers find a way in using the same issues. "Daybreak combines the...

Maestro 0.15.4

Maestro is a cross-platform desktop app for orchestrating your fleet of AI agents and projects. It's a high-velocity solution for hackers who are juggling multiple projects in parallel. Designed for power users who live on the keyboard and rarely touch the mouse. Collaborate with AI to create...

OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts

OpenAI is rolling out Advanced Account Security for people concerned that their ChatGPT or Codex accounts could be potential targets of phishing attacks...

(0Day) OpenAI Codex Sandbox Escape Vulnerability

This vulnerability allows remote attackers to bypass the sandbox on affected installations of OpenAI Codex. User interaction is required to exploit this vulnerability in that the target must use Codex to process a repository containing malicious JavaScript. The specific flaw exists within the...

@alialf/cc-switch (>=1.0.0 <=1.0.1), codex-copilot-dx (>=0.1.0 <=0.1.6) potentially affected by CVE-2026-6874 via copilot-api (=0.7.0)

copilot-api NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on copilot-api and may be impacted: - @alialf/cc-switch =1.0.0, =0.1.0, =0.1.6 Source cves: CVE-2026-6874 Source advisory: SNYK:JS-COPILOTAPI-16321518...

@alialf/cc-switch (>=1.0.0 <=1.0.1), codex-copilot-dx (>=0.1.0 <=0.1.6) potentially affected by CVE-2026-6874 via copilot-api (=0.7.0)

copilot-api NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on copilot-api and may be impacted: - @alialf/cc-switch =1.0.0, =0.1.0, =0.1.6 Source cves: CVE-2026-6874 Source advisory: OSV:GHSA-3VR4-CVMG-7FX4...

@alialf/cc-switch (>=1.0.0 <=1.0.1), codex-copilot-dx (>=0.1.0 <=0.1.6) potentially affected by CVE-2026-6662 via copilot-api (=0.7.0)

copilot-api NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on copilot-api and may be impacted: - @alialf/cc-switch =1.0.0, =0.1.0, =0.1.6 Source cves: CVE-2026-6662 Source advisory: SNYK:JS-COPILOTAPI-16636640...

vantix

Vantix Vantix is a Codex-native offensive-security control pl...

Paperclip: codex_local inherited ChatGPT/OpenAI-connected Gmail and was able to send real email

Summary A Paperclip-managed codexlocal runtime was able to access and use a Gmail connector that I had connected in the ChatGPT/OpenAI apps UI, even though I had not explicitly connected Gmail inside Paperclip or separately inside Codex. In my environment this enabled mailbox access and a real...

GHSA-GQQJ-85QM-8QHF Paperclip: codex_local inherited ChatGPT/OpenAI-connected Gmail and was able to send real email

Summary A Paperclip-managed codexlocal runtime was able to access and use a Gmail connector that I had connected in the ChatGPT/OpenAI apps UI, even though I had not explicitly connected Gmail inside Paperclip or separately inside Codex. In my environment this enabled mailbox access and a real...

@paperclipai/server (>=2026.3.17-canary.2 <=2026.416.0-canary.1), companies.sh (>=2026.324.0-canary.0 <=2026.325.0-canary.3) +4 more potentially affected by unknown CVE via @paperclipai/adapter-codex-local (>=2026.318.0-canary.0 <=2026.416.0-canary.1)

@paperclipai/adapter-codex-local NPM version =2026.318.0-canary.0, =2026.3.17-canary.2, =2026.324.0-canary.0, =2026.3.17-canary.3, =0.6.5, =0.6.6 Source cves: unknown CVE Source advisory: SNYK:JS-PAPERCLIPAIADAPTERCODEXLOCAL-16421448...

CVE-2025-61260

A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enables code execution through malicious MCP Model Context Protocol configuration files. The attack is triggered when a user runs the codex command inside a malicious or compromised repository. Codex automatically loads...

vuln-poc-generate-skill

vuln-poc-generate-skill A Codex skill project for generating...