Malicious Hugging Face Models Could Trigger Remote Code Execution

A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI ...
The Next Web

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

The codexui-android npm package silently exfiltrated OpenAI Codex auth tokens to an attacker server for a month, affecting 29,000 weekly downloads.

I had ChatGPT build me a free PDF editor because I didn't trust it to change my files - it worked!

The smartest way to use AI may not be letting it touch your files, but asking it to write software that handles them safely - ...
The Hacker News

OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack

Codex tokens were exfiltrated via a popular npm package, affecting users since v0.1.82 and enabling persistent account access ...
Android

Infostealer Malware Sneaks into Popular Codex UI Tool After One Month of Building Trust

Cybersecurity researchers at Aikido Security have uncovered a malicious supply chain attack targeting OpenAI Codex developers via the npm package “codexui-android”. While the associated GitHub ...
Slator

Is OpenAI’s New Real-Time Interpreter a Big Deal?

Global firms hire linguists, OpenAI debuts new models, LTPs adjust cloud compute strategies, and highlights from SlatorCon ...

OpenAI putting Codex inside ChatGPT, 6 new business plugins now available

OpenAI continues to push Codex beyond an agentic coding desktop app to a general productivity tool for everyone. As ...

How to use ChatGPT: A beginner's guide to mastering OpenAI's chatbot in 2026

When you're ready to start your first chat, click or tap New chat, type your prompt in the composer, and press Enter or tap ...