{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidb6h2skvtkq4bhn635dl2oqf2l36g4jrnw3cu637fhe4dgi4nhmq",
    "uri": "at://did:plc:oyu7kdlpydxm44ioz2z7kbhs/app.bsky.feed.post/3mnc76tmd2fx2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreiafiaoontzya246rrqy4qtupx7oc7pffcczohpdhx2lvplmn3f4va"
    },
    "mimeType": "image/jpeg",
    "size": 97217
  },
  "path": "/2026/06/02/popular-codex-package-caught-exfiltrating-authentication-credentials/",
  "publishedAt": "2026-06-02T08:11:34.000Z",
  "site": "https://dataconomy.com",
  "tags": [
    "Cybersecurity",
    "Artificial Intelligence",
    "News",
    "Codex",
    "openAI",
    "supply chain attack"
  ],
  "textContent": "Researchers uncovered a malicious supply chain attack using a fake OpenAI Codex web UI called codexui-android that steals authentication tokens.",
  "title": "Popular Codex package caught exfiltrating authentication credentials"
}