Cybersecurity researchers have disclosed details of a new
malicious supply chain campaign that's targeting developers using
OpenAI Codex through a legitimate-looking remote web UI. The tool,
named codexui-android, is advertised on GitHub and npm as a remote
web UI for OpenAI Codex, attracting over 29,000 weekly downloads.
The package is still available for download from the repository.
What
Read more https://thehackernews.com/2026/06/openai-codex-authentication-tokens.html
