OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently infected, legitimate open-source software library.
Why it matters: The incident could have allowed hackers to exfiltrate a certificate that could make phony OpenAI apps look legitimate — although OpenAI says it hasn't seen this happen.
