They used a GitHub action with a floating tag (I guess @latest or a non-SHA-pinned ref, e.g. @v4) that I’m assuming in turn had its latest version bringing in the latest axios.
That GitHub action was used to sign their Mac apps.
So they assume the certificate used to sign is compromised.
The risk is not to the existing app, but theoretically someone could give you a copy of a malicious OpenAI binary, sign it with the compromised certificate, and impersonate OpenAI. Unlikely, but not impossible.
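The floating-tag point above, as an added example that is not part of the original comment and not code from OpenAI or any real project: a small Python checker that scans a GitHub Actions workflow for `uses:` references whose ref is a tag or branch rather than a full 40-hex commit SHA. Tag and branch refs (`@v4`, `@main`) are mutable, so the action's content can change underneath a workflow; a commit SHA is not. The embedded workflow is constructed for the example, `example-org/sign-mac-app` is a hypothetical action name, and the 40-hex SHA is a placeholder value rather than a real commit.

```python
import re

# Constructed sample workflow (not taken from any real project). It mixes
# three `uses:` styles: a floating major tag, a mutable branch, and a
# placeholder commit-SHA pin (the hex string is not a real commit id).
SAMPLE_WORKFLOW = """\
name: build
on: [push]
jobs:
  sign:
    runs-on: macos-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/sign-mac-app@main
      - uses: actions/setup-node@0123456789abcdef0123456789abcdef01234567
        with:
          node-version: 20
      - run: npm ci
"""

# Matches a `uses:` line (optionally a list item) and captures the spec.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)")
# A full commit SHA is exactly 40 lowercase hex characters; short SHAs are
# deliberately rejected because they are not collision resistant.
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def find_unpinned_actions(workflow_text):
    """Return a list of (line_no, action, ref) for every `uses:` reference
    that is not pinned to a full commit SHA.

    Local actions (./path) and docker:// images are skipped: they are not
    resolved through a git tag, so tag pinning does not apply to them.
    """
    findings = []
    for line_no, line in enumerate(workflow_text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        spec = match.group(1).strip("'\"")
        if spec.startswith("./") or spec.startswith("docker://"):
            continue
        action, _, ref = spec.partition("@")
        if not FULL_SHA_RE.match(ref):
            findings.append((line_no, action, ref))
    return findings


if __name__ == "__main__":
    for line_no, action, ref in find_unpinned_actions(SAMPLE_WORKFLOW):
        print(f"line {line_no}: {action}@{ref or '<no ref>'} is not SHA-pinned")
```

Running the checker over a repository's `.github/workflows/*.yml` files in CI turns the "floating tag" condition described above into a failing check before a mutable upstream action can change under the signing job; the pinned SHA should be paired with a version comment and refreshed through a reviewed dependency-update process rather than edited by hand.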