
OpenAI Expands Codex Desktop App to Operate Across macOS Apps with Background Computer Use

OpenAI’s Codex desktop update adds background computer use, which lets the AI see, click, and type in any macOS application, introduces memory persistence, and integrates over 90 new plugins, raising new data‑handling and governance concerns for third‑party risk managers.

🛡️ LiveThreat™ Intelligence · 📅 April 18, 2026· 📰 helpnetsecurity.com
Severity: Informational
Type: Advisory
Confidence: High
Affected: 4 sector(s)
Actions: 4 recommended
Source: helpnetsecurity.com

What Happened – OpenAI released a major update to its Codex desktop application for ChatGPT‑signed‑in users, adding “background computer use” that lets the AI see, click, and type in any macOS application. The feature ships first to Enterprise, Education, EU and UK users and includes memory, cross‑app automation, an in‑app browser, and over 90 new plugins.

Why It Matters for TPRM

  • AI‑driven automation can introduce new data‑handling pathways and potential exposure of proprietary code or confidential documents.
  • Cross‑application control expands the attack surface of any third‑party environment that integrates Codex, requiring updated governance and monitoring.
  • Memory and long‑running tasks create persistent state that may retain sensitive information beyond the original session.

Who Is Affected – Technology and SaaS vendors, software development teams, enterprises with internal dev environments, educational institutions using OpenAI services, and any organization that permits Codex to interact with internal macOS workstations.

Recommended Actions

  • Review contractual clauses and data‑processing agreements with OpenAI for coverage of AI‑generated content and retained memory.
  • Verify that Codex’s background access aligns with your organization’s least‑privilege policies; enforce OS‑level sandboxing where possible.
  • Update vendor risk assessments to include AI‑agent behavior, plugin inventory, and potential data exfiltration vectors.
  • Monitor audit logs for unexpected Codex‑initiated actions across critical applications.

Technical Notes – The update introduces a “background computer use” agent that can manipulate UI elements, run parallel agents, and interact with an in‑app browser. New plugins integrate with Atlassian Rovo, CircleCI, GitLab, Microsoft tools, and more than 90 additional services. Memory persistence allows the model to retain context across days, and GPT‑Image‑1.5 enables on‑the‑fly image generation. No CVEs or known vulnerabilities were disclosed. Source: Help Net Security

📰 Original Source
https://www.helpnetsecurity.com/2026/04/17/openai-codex-desktop-update-macos/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.
