
OpenAI Forced to Revoke macOS Signing Certificate After Supply Chain Breach

Following the TeamPCP supply-chain campaign — which hit OpenAI, Mistral, the European Commission, and 170+ npm packages via a poisoned Nx Console VS Code extension — OpenAI announced full revocation of its macOS signing certificate. iOS and Windows certificates were already rotated.

The frontier labs are learning what banks learned in the 2010s: you are infrastructure now, and adversaries treat you that way. The interesting tell is that the same threat group hit four labs and a government in one campaign — meaning AI companies are being targeted as a category, not individually. For any enterprise buyer: ask your AI vendor about their software supply chain, incident response, and certificate rotation cadence. If they can't answer in detail, you're the next blast radius.