Popular OpenAI Codex tool with 29k weekly downloads stole dev tokens for a month

▼ Summary
– The npm package “codexui-android” appeared legitimate with an active GitHub repository and 29,000 weekly downloads, offering a remote web UI for OpenAI Codex.
– For the past month, every use of the package has been silently reading developer tokens, indicating a supply chain attack.
– The package’s malicious behavior involved stealing tokens from developers who invoked it.
The npm package appeared completely above board. It boasted an active GitHub repository, a consistent development history, and roughly 29,000 weekly downloads. For developers relying on OpenAI Codex, it delivered precisely what it promised: a remote web UI for the AI-powered coding assistant. Yet, for the past month, every single execution of the package named codexui-android has also been quietly exfiltrating sensitive data.
The malicious behavior was subtle but severe. Each time a developer used the tool, it silently read the contents of local credential files, including authentication tokens. This supply chain attack effectively stole developer tokens without raising any immediate alarms. The package’s long-standing activity and GitHub presence made it easy for users to trust it, even as it siphoned credentials in the background.
Security researchers discovered the breach only after analyzing anomalous network traffic. The package had been compromised for at least four weeks, during which time it harvested tokens from unsuspecting developers. These tokens could grant attackers access to private repositories, cloud services, and other critical infrastructure.
The incident underscores a growing risk in the open-source ecosystem. Even well-maintained packages with substantial download counts can harbor hidden threats. Developers are urged to audit their dependencies regularly, verify package integrity, and avoid granting broad permissions to third-party tools. For those who used codexui-android, immediate action is recommended: rotate all affected tokens and review access logs for any unauthorized activity.
(Source: The Next Web)




