
OpenAI Devices Hacked, Ozempic Supplier Offline & Change Healthcare Lawsuit
From Security Squawk - The Business of Cybersecurity by Bryan Hornung Reginald Andre & Randy Bryan
May 19, 2026 · 45 min
About this episode
The episode discusses three significant cyber incidents highlighting the risks of third-party trust in business.
A poisoned software package compromised OpenAI employee devices before security teams could stop it. The company behind critical Ozempic injection components has been offline for weeks after a ransomware attack. And Change Healthcare is now facing another major lawsuit tied to the 2024 breach that crippled healthcare payments nationwide. Three stories. One message: Your business is now exposed to companies you don't control. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three cyber incidents that reveal how third-party trust has become one of the biggest operational risks in business today. This Week's Cybersecurity Breakdown 1. OpenAI, TanStack & the npm Supply Chain Worm A software supply chain attack spread through trusted developer ecosystems at massive speed: 42 npm packages poisoned in six minutes Malware stole GitHub tokens, AWS credentials, and CI/CD secrets OpenAI confirmed two employee devices were compromised ChatGPT Desktop, Codex App, Codex CLI, and Atlas certificates rotated Demonstrates how modern attacks now spread through trusted development infrastructure 2. West Pharmaceutical Ransomware Attack A cyberattack…
People in this episode
Hosts: Bryan Hornung, Randy Bryan, Reginald Andre
Topics covered
- cybersecurity
- ransomware
- software supply chain
- third-party risk
- healthcare breach
- business exposure
Keywords
- OpenAI
- Ozempic
- ransomware
- Change Healthcare
- West Pharmaceutical
- cyber incidents
- supply chain attack
- business risk
Mentioned in this episode
Organizations: OpenAI, Change Healthcare, West Pharmaceutical
Products: Ozempic
More episodes of Security Squawk - The Business of Cybersecurity
- DentaQuest Breach Exposes 2.6 Million — and Why "Confident" Small Businesses Keep Getting Hit · June 9, 2026 · 35 min
- The Biggest Cybersecurity Threat Isn't Malware Anymore | NYC Hospitals, Carnival & FBI Warning · June 3, 2026 · 35 min
- 7-Eleven Hacked, 143,000 Immigration Records Exposed, FBI Quietly Takes Over From CISA · May 26, 2026 · 35 min
- AI Built Its First Zero-Day | 275M Student Records Stolen | 90% Hidden Ransomware · May 12, 2026 · 59 min
- TSYS Ransomware Attack, Canvas Data Breach & HIPAA Security Failures Explained · May 5, 2026 · 41 min
- Hackers Use Microsoft Teams to Break In - VPN Ransomware Surge - KPMG 2026 Warning · April 28, 2026 · 42 min
Explore listener stats, chart rankings, contacts and more on the Security Squawk - The Business of Cybersecurity podcast page.