Update, June 28, 2026: A second supply chain attack has triggered another forced update of the ChatGPT Mac app. macOS began blocking new downloads and launches of any ChatGPT, Codex, Codex CLI, or Atlas build signed with the previous certificate on June 12, 2026, and OpenAI set a hard deadline of June 26, 2026 to move every Mac to a re-signed build. The fix below works for both this incident and the earlier May 8 one.
The ChatGPT Mac app has now broken twice in two months for the same reason, and the most recent break carries a hard deadline. After a supply chain attack on the TanStack open-source library on May 11, 2026, OpenAI rotated its macOS code-signing certificate again, and Apple’s Gatekeeper started rejecting any old-certificate build of ChatGPT, Codex, Codex CLI, and Atlas on June 12, 2026. If your app suddenly shows a “damaged” or “cannot be verified” warning, you are on a revoked build and you need to update before June 26, 2026.
This guide packages the whole story in one place. You get the 2-minute update fix, the clean reinstall path when the in-app updater is unreachable, the version check that confirms you are on a safe build, what OpenAI says about your data, a quick note on the newest ChatGPT desktop client for Mac features that shipped alongside these fixes, and the multi-model option more Mac users are picking up so a single vendor’s signing pipeline stops being their problem.
The Key Takeaways
- It happened again. A May 11, 2026 attack on the TanStack library forced a second certificate rotation; macOS blocks old-certificate builds from June 12, 2026.
- There is a deadline. Move every ChatGPT, Codex, Codex CLI, and Atlas Mac app to a re-signed build before June 26, 2026.
- The fix takes 2 minutes. If the app still opens, click ChatGPT → Check for Updates. If it doesn’t, reinstall fresh from chatgpt.com/download.
- Only macOS is affected. Windows, iOS, Android, and chatgpt.com on the web keep working untouched.
- No user data was accessed. OpenAI says limited credential material was exfiltrated from its build pipeline, but found no evidence that user data, systems, or shipped software were altered.
It Happened Again: the June 2026 Forced Update
The trigger this time was a supply chain attack nicknamed Mini Shai-Hulud. On May 11, 2026, attackers compromised the popular TanStack open-source library, and the malicious code reached two OpenAI employee devices. From there the attackers gained access to internal source-code repositories and exfiltrated what OpenAI calls “limited credential material,” including capabilities tied to code signing.
OpenAI’s response was the same precautionary move as last time, a full certificate rotation. macOS Gatekeeper trusts a signature, not an app name, so once the old certificate was pulled, every build signed with it looked tampered to your Mac even though nothing on your machine changed. New downloads and launches of old-certificate builds are blocked from June 12, 2026, with a hard cutover deadline of June 26, 2026. You can read OpenAI’s own writeup in its TanStack npm supply chain attack advisory, and 9to5Mac has a plain-English summary.
The Fix: Update or Reinstall in Two Minutes
If your ChatGPT app still opens, the fastest route to a safe build is from inside the app. Launch ChatGPT, click ChatGPT in the macOS menu bar at the top-left of your screen, and pick Check for Updates. If a new version is offered, install it and let the app restart. A banner inside ChatGPT prompting you to update does exactly the same thing.
If ChatGPT throws a Gatekeeper warning the moment you double-click the icon, the in-app updater is no longer reachable from that old build, so the clean recovery path is a fresh install. Quit any running ChatGPT processes from Activity Monitor, drag the existing ChatGPT.app out of Applications to the Trash, and download the latest installer from chatgpt.com/download. The new build is signed with the current certificate, and Gatekeeper accepts it on launch.
You will not lose your conversation history. ChatGPT history lives on OpenAI’s servers tied to your account, not in the app bundle, so once you sign back in your chats are exactly where you left them. If macOS still flags the new binary as damaged after a clean reinstall, your Keychain is probably caching a revoked certificate; open Keychain Access, search for “OpenAI” or “ChatGPT,” delete any expired or revoked entries, and install again.
How to Confirm You Are on a Safe ChatGPT Mac App Build
After updating, confirm you are on a current build by clicking ChatGPT → About ChatGPT in the menu bar. You want the newest release signed with the post-incident certificate, which is whatever the in-app updater or chatgpt.com/download serves you now. If Check for Updates reports you are up to date and the app launches without a Gatekeeper warning, you are clear.
The macOS desktop app requires macOS 14 or newer and Apple Silicon (M1 or better). Intel Macs and older macOS releases are not supported by the official OpenAI client, which is a separate question from this certificate issue.
What You Might See, and How to Read It
The symptom you see depends on which build you were running when you last launched the app. The table below covers the most common scenarios after the June 12 block.
| Symptom | Likely cause | What to do | Time required |
|---|---|---|---|
| App opens normally, no warnings | You are already on a re-signed build | Nothing; confirm via About ChatGPT | ~10 seconds |
| App opens but updater is stuck | Build still launches but cannot fetch updates | Quit, reinstall fresh from chatgpt.com/download | ~3 minutes |
| “ChatGPT is damaged and can’t be opened” | Build is signed with the revoked certificate | Reinstall from chatgpt.com/download; do not bypass Gatekeeper | ~3 minutes |
| “ChatGPT cannot be verified” | Gatekeeper rejects the old signature | Reinstall fresh; do not right-click-Open the old binary | ~3 minutes |
The Gatekeeper warning is alarming the first time you see it because it uses the same wording macOS shows for genuinely malicious binaries, which is precisely why OpenAI rotated the certificate. Any app signed with that certificate had to come down with it. Avoid the temptation to right-click and “Open Anyway”; the cleaner move is the fresh install, which puts you on a Mac app that Apple’s notarization service still trusts.
All Four OpenAI Mac Apps Are Affected
The certificate change is not just a ChatGPT problem. The same OpenAI signing pipeline issues the certificates for every Mac app the company ships, so if you have any of these installed, each one needs the same update.
- ChatGPT Desktop is the consumer-facing client most people on FelloAI use, and the one you are most likely to see in your Applications folder.
- Codex is OpenAI’s coding-focused desktop client; if you write code with it on Mac, it needs the same update path as ChatGPT.
- Codex CLI is the terminal tool many developers wire into shell scripts; reinstall it via brew or whatever package manager you used originally.
- Atlas is OpenAI’s browsing client, less common on Mac than the other three, but if it is installed it follows the same fix.
Do not assume that because ChatGPT updated cleanly, the others did. Each app maintains its own update channel, so confirm each one separately before the June 26 cutover.
This Is the Second Incident: the May 8 Certificate Revocation
If this feels familiar, that is because the same thing happened weeks earlier. On May 8, 2026, OpenAI revoked the macOS certificate it had used through April 2026, after a March 31, 2026 supply chain attack on the axios npm library slipped a malicious version into its GitHub Actions signing pipeline. Google’s Threat Intelligence Group attributed that operation to UNC1069, a North Korea-linked group. OpenAI re-signed every Mac app and shipped new builds, and any version released after April 20, 2026 launched normally.
Independent reporting from The Hacker News and BleepingComputer corroborated OpenAI’s account at the time, noting it engaged a third-party forensics firm and found no production-system compromise. The takeaway is that two cert rotations in under two months is now the pattern, not a one-off, which is the broader point worth planning around.
Was My ChatGPT Data Compromised?
OpenAI is direct on this point for both incidents. For the June TanStack npm supply chain attack advisory, the company says limited credential material was exfiltrated from internal repositories, but that it found “no evidence any user data was accessed nor were its own systems compromised,” and no evidence that malicious software was signed with any OpenAI certificate. For the May incident, its Axios developer tool compromise advisory states the same, that no user data, systems, or shipped software were altered.
That is good news for your account, your billing, and your stored conversations. The bad news is that supply chain attacks on developer tooling are now common enough that this will not be the last one, which is the part most security write-ups skip past.
What Else Changed in the ChatGPT Mac App This June
The Mac app did not just get security fixes this month, it also picked up real features, mostly on the ChatGPT desktop client for Mac and Codex side. Codex Remote is now generally available on all ChatGPT plans, so from the ChatGPT mobile app you can start or continue work on a connected Mac or Windows host, review progress, and approve actions from your phone. Goal mode reached general availability across the Codex app, IDE extension, and CLI, letting you define an outcome and success criteria and leave Codex working toward it.
On macOS specifically, the new Appshots feature lets you press both Command keys to send the frontmost app window to Codex with a screenshot and its available text, so it can act on what is on your screen without copy-paste. 9to5Mac has a hands-on look at how Appshots works. These are useful additions, but they all still tie you to one vendor’s model and one signing pipeline, which is the exact dependency the next section is about.
Why This Keeps Happening, and a Multi-Model Alternative
Single-vendor desktop clients are fragile by design. When one company controls the signing certificate, the auto-updater, and the model behind your chat, any one of those breaking takes the whole product down with it. ChatGPT has now gone through outages, login issues, model deprecations, and two certificate revocations inside a few months, and most Mac users just patch each one and move on. That works fine until you hit a workday where the app will not launch and the work piling up does not care why.
Before committing to one vendor, it is worth seeing how the three native Mac apps stack up. If you want a backup, the Fello AI app for Mac is a Mac and iOS client that bundles ChatGPT, Claude, Gemini, Grok, and DeepSeek under one $9.99/month subscription. The point is not to replace ChatGPT; the point is that one vendor’s signing issue stops being your problem when you can switch models inside the same app and keep working.
If you want background on how those models compare, our best AI models in 2026 roundup covers the trade-offs in detail, and for Mac users specifically our guide to the best ChatGPT alternatives for Mac rates the multi-model clients side by side, including how each one handles outages, model switching, and pricing.
Conclusion
The June rotation is recoverable in two minutes if your app still opens, and in three minutes if it doesn’t, the same as the May one. Either way your data is fine and your account is fine, but this time there is a firm June 26, 2026 deadline, so do not leave it. If your app still launches, click Check for Updates today; if it doesn’t, reinstall fresh from chatgpt.com/download.
The longer-term takeaway is the one most security-news sites skipped. Single-vendor desktop clients fail in single-vendor ways, and two bad cert rotations in two months is a pattern, so if your workflow can’t survive a one-day ChatGPT outage, line up a multi-model fallback before the next one lands. To compare the native Mac clients head to head, our Claude AI desktop client for Mac and Gemini desktop app for Mac pages cover the two strongest alternatives, and if your app is back up, our deep dive on ChatGPT Personal Finance on the Mac app walks through linking your bank via Plaid and the privacy trade-offs to weigh first.
FAQ
My ChatGPT Mac app won’t open. What do I do?
Open Safari, go to chatgpt.com/download, drag the new ChatGPT.app into Applications (replacing the old one), and launch it from Applications. The new build is signed with the current certificate, so Gatekeeper will accept it. Your conversation history lives on OpenAI’s servers and will be intact when you sign in.
What is the June 26, 2026 ChatGPT Mac app deadline?
After the May 11 TanStack supply chain attack, OpenAI rotated its macOS certificate again. macOS blocks new downloads and launches of old-certificate builds from June 12, 2026, and June 26, 2026 is the hard cutover, so update every ChatGPT, Codex, Codex CLI, and Atlas Mac app before then.
Are Windows, iOS, or web ChatGPT users affected?
No. The certificate revocation is specific to macOS code signing. Windows, iOS, Android, and chatgpt.com on the web are unaffected and need no action.
Was my ChatGPT account or data compromised?
OpenAI states there is no evidence that user data was accessed or that its systems or shipped software were altered. The attack hit its build pipeline and exfiltrated limited credential material, and the certificate was rotated as a precaution.
How do I avoid being caught out by the next ChatGPT outage?
Keep a multi-model fallback ready. Apps like the Fello AI app for Mac bundle ChatGPT, Claude, Gemini, Grok, and DeepSeek in one client, so a single vendor’s signing or update problem no longer stops your work.




