Legitimate-Looking Codex Remote UI Secretly Steals Your AI Tokens
Aikido Security reports that codexui-android, a remote web UI for OpenAI Codex with a real GitHub repo and tens of thousands of weekly npm downloads, quietly exfiltrated Codex, OpenAI, GitHub, SSH, and npm credentials from users' environments.
Source: Aikido