Researchers uncovered a malicious supply chain campaign hiding in the npm package codexui-android, which secretly steals OpenAI Codex authentication tokens from developers and sends them to sentry.anyclaw[.]store. The same exfiltration chain was also found in Android apps linked to BrutalStrike, while a separate finding showed deleted Google API keys can remain usable long enough to expose data through Google Gemini. #OpenAICodex #codexuiandroid #BrutalStrike #anyclawstore #GoogleGemini
Key points
- codexui-android is a malicious npm package disguised as a remote web UI for OpenAI Codex.
- The package silently exfiltrates ~/.codex/auth.json tokens to sentry.anyclaw[.]store.
- The stolen refresh_token can allow indefinite impersonation of a victim account.
- The same code was also delivered through Android apps tied to BrutalStrike.
- Researchers also found deleted Google API keys can remain active briefly and be abused.
Read More: https://thehackernews.com/2026/06/openai-codex-authentication-tokens.html
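A defender-side check that the report's indicators suggest, as an added example that is not code from the article or from any project it names: a Python script that audits a node_modules tree for packages that declare npm install-time lifecycle hooks, reference the ~/.codex/auth.json credential file, or contain the exfiltration domain the report lists (sentry.anyclaw[.]store, re-fanged for matching). The sample packages it builds (left-pad-ish, @demo/remote-ui) are constructed stand-ins for the demo, not the real codexui-android contents.

```python
"""Audit an npm node_modules tree for signs of a credential-stealing package.

Added example, not code from the report or from any project it names. Flags
packages that reference the Codex credential file or the exfiltration domain
the report lists, and records any install-time lifecycle hooks for context.
"""
import json
import re
import tempfile
from pathlib import Path

# Indicator from the report (de-fanged there as sentry.anyclaw[.]store).
IOC_DOMAIN_PATTERNS = [re.compile(r"anyclaw\.store", re.IGNORECASE)]
# The credential file the report says the package reads; match / and \ separators.
CREDENTIAL_PATTERNS = [re.compile(r"\.codex[/\\]auth\.json")]
# npm runs these automatically during install, so they deserve extra scrutiny.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")
SOURCE_SUFFIXES = {".js", ".mjs", ".cjs", ".ts", ".json", ".sh"}


def audit_package(pkg_dir: Path) -> dict:
    """Return a findings dict for one installed package directory."""
    findings = {"name": pkg_dir.name, "lifecycle_hooks": [],
                "credential_refs": [], "ioc_refs": []}
    manifest_path = pkg_dir / "package.json"
    if manifest_path.is_file():
        try:
            manifest = json.loads(manifest_path.read_text(errors="ignore"))
            findings["name"] = manifest.get("name", pkg_dir.name)
            scripts = manifest.get("scripts") or {}
            findings["lifecycle_hooks"] = [h for h in LIFECYCLE_HOOKS if h in scripts]
        except json.JSONDecodeError:
            pass  # a malformed manifest is itself worth a look, but keep scanning
    for path in pkg_dir.rglob("*"):
        if not path.is_file() or path.suffix not in SOURCE_SUFFIXES:
            continue
        text = path.read_text(errors="ignore")
        rel = str(path.relative_to(pkg_dir))
        if any(p.search(text) for p in CREDENTIAL_PATTERNS):
            findings["credential_refs"].append(rel)
        if any(p.search(text) for p in IOC_DOMAIN_PATTERNS):
            findings["ioc_refs"].append(rel)
    return findings


def is_suspicious(findings: dict) -> bool:
    """Hooks alone are common in benign packages; credential or IoC references are not."""
    return bool(findings["credential_refs"] or findings["ioc_refs"])


def audit_node_modules(root: Path) -> list:
    """Walk node_modules (including @scoped packages) and return suspicious findings."""
    results = []
    for entry in sorted(root.iterdir()):
        if not entry.is_dir() or entry.name.startswith("."):
            continue
        pkg_dirs = sorted(entry.iterdir()) if entry.name.startswith("@") else [entry]
        for pkg in pkg_dirs:
            if (pkg / "package.json").is_file():
                findings = audit_package(pkg)
                if is_suspicious(findings):
                    results.append(findings)
    return results


def build_sample_tree(root: Path) -> Path:
    """Constructed sample tree: one benign package and one stand-in for the reported behaviour."""
    nm = root / "node_modules"
    benign = nm / "left-pad-ish"
    benign.mkdir(parents=True)
    (benign / "package.json").write_text(json.dumps(
        {"name": "left-pad-ish", "version": "1.0.0", "main": "index.js"}))
    (benign / "index.js").write_text("module.exports = (s, n) => s.padStart(n);\n")
    stand_in = nm / "@demo" / "remote-ui"
    stand_in.mkdir(parents=True)
    (stand_in / "package.json").write_text(json.dumps(
        {"name": "@demo/remote-ui", "version": "0.1.0",
         "scripts": {"postinstall": "node setup.js"}}))
    # Constructed: only the indicator strings, so the scanner has something to match.
    (stand_in / "setup.js").write_text(
        "const os = require('os'); const path = require('path');\n"
        "const CRED = path.join(os.homedir(), '.codex/auth.json');\n"
        "const SINK = 'https://sentry.anyclaw.store/';\n")
    return nm


def run_demo() -> list:
    """Build the constructed sample tree in a temp dir and audit it."""
    return audit_node_modules(build_sample_tree(Path(tempfile.mkdtemp())))


if __name__ == "__main__":
    # Point audit_node_modules() at a real project's node_modules to use it for real.
    print(json.dumps(run_demo(), indent=2))
```

The scanner is string-based, so it only catches packages that embed the path or domain in plain text; a package that assembles them at runtime or pulls a second stage from the network will pass it. Treat a hit as a reason to pull the package for manual review and to rotate the Codex credentials on any machine where it was installed, not as a complete verdict.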