OpenAI Got Hacked & Every NGINX Server Is at Risk 🔥
Two major security stories broke today that every business and IT team needs to know about: a confirmed breach at OpenAI and an 18-year-old flaw that puts millions of web servers at risk of complete takeover. Here's what happened and what you should do.
🔓 OpenAI Confirms Employee Devices Were Compromised in Supply Chain Attack
OpenAI has published a security advisory confirming that two of its employees' devices were compromised as part of the TanStack supply chain attack, a campaign in which attackers poisoned widely used open-source packages to steal credentials and hijack developer machines. A supply chain attack works like a tampered ingredient slipping into a recipe: developers install what looks like a routine package, the malicious code it carries runs on their machine, and the attackers get a foothold there and on whatever that machine's credentials can reach.
OpenAI says no customer data, production systems, intellectual property, or deployed software was affected, but the company is rotating its code signing certificates as a precaution; after a developer-endpoint compromise, rotating signing material closes off the possibility that a stolen key is later used to sign malicious builds. This is significant because it shows that even the world's most prominent AI companies aren't immune to supply chain threats. If your developers pull packages from npm or PyPI (and most do), your organization faces the same risk vector: pin versions, install from lockfiles that carry integrity hashes, and review which packages were installed or updated on developer machines during the campaign window.
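As an added example (not OpenAI's code and not part of the advisory), here is a small lockfile triage script for the npm side of that check. It reads a package-lock.json and flags the three things worth looking at first after a campaign like this: dependencies with no integrity hash, dependencies resolved from a host other than the expected registry, and dependencies that run lifecycle scripts at install time, which is where install-time payloads execute. The sample lockfile is constructed, and the package names in it (good-lib, demo-helper) and the mirror host are hypothetical.

```python
"""Lockfile triage for npm supply-chain exposure (added example; the sample
data below is constructed and the package names in it are hypothetical).

For each dependency in a package-lock.json (lockfileVersion 2 or 3, which
keep a "packages" map keyed by node_modules path) it reports:
  * missing "integrity" hash: the tarball cannot be verified at install time,
  * "resolved" URL on a host other than the expected registry,
  * "hasInstallScript": npm runs this package's lifecycle scripts on install.
"""
import json
from urllib.parse import urlparse

# Host(s) your packages are expected to come from; adjust for a private mirror.
EXPECTED_REGISTRY_HOSTS = frozenset({"registry.npmjs.org"})


def scan_lockfile(lock: dict, allowed_hosts=EXPECTED_REGISTRY_HOSTS) -> list[dict]:
    """Return one finding per suspicious attribute of each non-root package."""
    findings = []
    for path, meta in lock.get("packages", {}).items():
        if path == "" or meta.get("link"):
            continue  # root project entry, or a local workspace link
        base = {
            "package": path.rsplit("node_modules/", 1)[-1],
            "version": meta.get("version", "?"),
        }
        resolved = meta.get("resolved", "")
        host = urlparse(resolved).hostname if resolved else None
        if not meta.get("integrity"):
            findings.append({**base, "kind": "no-integrity",
                             "detail": "lockfile has no integrity hash for this tarball"})
        if host not in allowed_hosts:
            findings.append({**base, "kind": "unexpected-host",
                             "detail": f"resolved from {host or 'no resolved URL'}"})
        if meta.get("hasInstallScript"):
            findings.append({**base, "kind": "install-script",
                             "detail": "package runs lifecycle scripts at install"})
    return findings


# Constructed sample lockfile: "good-lib" is clean, "demo-helper" shows all three signs.
SAMPLE_LOCK = json.loads("""{
  "name": "demo-app",
  "lockfileVersion": 3,
  "packages": {
    "": {"name": "demo-app", "version": "1.0.0"},
    "node_modules/good-lib": {
      "version": "4.2.0",
      "resolved": "https://registry.npmjs.org/good-lib/-/good-lib-4.2.0.tgz",
      "integrity": "sha512-placeholderplaceholderplaceholderplaceholder=="
    },
    "node_modules/demo-helper": {
      "version": "2.0.1",
      "resolved": "https://mirror.example.net/demo-helper-2.0.1.tgz",
      "hasInstallScript": true
    }
  }
}""")


if __name__ == "__main__":
    # Real use: SAMPLE_LOCK = json.load(open("package-lock.json"))
    for f in scan_lockfile(SAMPLE_LOCK):
        print(f"{f['package']}@{f['version']}: {f['kind']} ({f['detail']})")
```

A finding is a reason to look, not proof of compromise: many legitimate native packages carry install scripts. Run the install itself with `npm ci --ignore-scripts` while you review, and on the Python side pin hashes in requirements and install with `pip install --require-hashes` so an unexpected tarball fails rather than runs.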
🌐 An 18-Year-Old Bug in NGINX Can Let Attackers Take Over Your Server
Security researchers at Depthfirst have published details on CVE-2026-42945, a critical heap overflow vulnerability in NGINX, the web server software behind a large share of the internet, including many corporate websites and APIs. The bug has been present in NGINX's code since 2008, and it affects both open-source NGINX deployments and the F5 products built on top of it.
In plain terms: if your server uses certain NGINX rewrite rules (a very common configuration), an attacker can send a specially crafted request that corrupts the server's memory and lets them run code of their choosing inside the web server process, which amounts to taking it over. The researchers report that the exploit is reliable and needs no authentication or prior access. If you or your team runs NGINX, this belongs at the top of today's patching list. Check which version each server runs (nginx -v) and whether its configuration, including every included file, uses rewrite directives (nginx -T dumps the full merged configuration), then apply the vendor's update; patch even servers without rewrite rules today, since configurations change.
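As an added example that is not from Depthfirst, F5 or the NGINX project: a triage script for that check. It parses the text that `nginx -T` prints (which concatenates every included file under a `# configuration file <path>:` marker, so include files are covered), lists every `rewrite` directive with its file, line offset and enclosing blocks, and compares the installed version taken from the `nginx -v` banner against a fixed version you supply. The configuration dump below is constructed, and the fixed version number is a parameter you fill in from the vendor advisory, since the page does not state it.

```python
"""Rewrite-directive inventory for NGINX (added example; not from Depthfirst,
F5 or the NGINX project). Works on the text `nginx -T` prints. The sample
dump below is constructed.
"""
import re

CONF_MARKER = re.compile(r"^# configuration file (.+):$")
VERSION_RE = re.compile(r"nginx/(\d+\.\d+\.\d+)")


def find_rewrites(dump: str) -> list[dict]:
    """List every `rewrite` directive with file, line offset and enclosing blocks.

    Line numbers are offsets from the file's marker line in the dump. Block
    tracking is a plain brace counter on one-directive-per-line config, which
    is enough for the usual layout; single-line blocks like `location / { ... }`
    and braces inside quoted strings are a known limitation of this triage.
    """
    results = []
    current_file = None
    offset = 0
    stack: list[str] = []
    for raw in dump.splitlines():
        if (m := CONF_MARKER.match(raw)):
            current_file, offset, stack = m.group(1), 0, []
            continue
        offset += 1
        stmt = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not stmt:
            continue
        if stmt.endswith("{"):
            stack.append(stmt[:-1].strip())  # e.g. "server", "location /api/"
        elif stmt == "}":
            if stack:
                stack.pop()
        elif stmt.startswith(("rewrite ", "rewrite\t")):
            results.append({
                "file": current_file,
                "line": offset,
                "context": " > ".join(stack) or "main",
                "directive": stmt,
            })
    return results


def installed_version(banner: str) -> str:
    """Extract x.y.z from the `nginx -v` banner ("nginx version: nginx/1.26.2")."""
    m = VERSION_RE.search(banner)
    return m.group(1) if m else ""


def needs_patch(installed: str, fixed: str) -> bool:
    """True when installed < fixed, comparing x.y.z numerically (not as strings)."""
    def as_tuple(v: str) -> tuple:
        return tuple(int(p) for p in v.split("."))
    return as_tuple(installed) < as_tuple(fixed)


# Constructed sample of `nginx -T` output: two files, two rewrites in the second.
SAMPLE_DUMP = """\
# configuration file /etc/nginx/nginx.conf:
user www-data;
events { worker_connections 1024; }
http {
    include /etc/nginx/conf.d/*.conf;
}

# configuration file /etc/nginx/conf.d/app.conf:
server {
    listen 80;
    server_name app.example.com;
    location /old/ {
        rewrite ^/old/(.*)$ /new/$1 permanent;  # legacy path
    }
    location /api/ {
        if ($request_uri ~* "^/api/v1/(.*)") {
            rewrite ^ /api/v2/$1 last;
        }
        proxy_pass http://backend;
    }
}
"""


if __name__ == "__main__":
    # Real use: dump = subprocess.run(["nginx", "-T"], capture_output=True, text=True).stdout
    for r in find_rewrites(SAMPLE_DUMP):
        print(f"{r['file']}:{r['line']} [{r['context']}] {r['directive']}")
    # Real use: banner = subprocess.run(["nginx", "-v"], capture_output=True, text=True).stderr
    print("installed:", installed_version("nginx version: nginx/1.26.2"))  # constructed banner
```

`nginx -T` writes the configuration to stdout and its "syntax is ok" lines to stderr, and `nginx -v` writes its banner to stderr, which is why the two real-use comments read different streams. Once the advisory gives you the fixed version, `needs_patch(installed_version(banner), "<fixed>")` tells you whether a host is behind it.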
Stay ahead of threats like these with GOCO Security — visit gocosecurity.com to learn how we help businesses stay protected.