1. OpenAI CLI Security Flaw: Predictable Temp Files Allowed Local Attackers to Steal Model Data, Inject Scripts
A critical security vulnerability in OpenAI's command-line interface (CLI) tool, specifically within its onboarding module, exposed systems to local attacks. The flaw resided in six functions that created temporary files using predictable names based on `Date.now()` and `Math.random().toString(36)`. This predictability...