#API tokens

A popular OpenAI Codex tool with 29,000 weekly downloads has been quietly stealing developer tokens for a month

A popular npm package with 29,000 weekly downloads has been silently stealing OpenAI API tokens for a month, raising concerns about supply chain security.