Mini Shai-Hulud Spreads to Packagist: Malicious Intercom PHP Package Follows npm Compromise
A malicious version (5.0.2) of the intercom/intercom-php package was found on Packagist, extending the Mini Shai-Hulud supply chain attack from npm into the PHP ecosystem. This compromised package abuses Composer plugin execution to download the Bun runtime and run an obfuscated payload that steals sensitive credentials such as GitHub tokens, cloud provider credentials, SSH keys, Kubernetes tokens, and HashiCorp Vault secrets from developer machines and CI/CD environments. The stolen data is encrypted with AES-256-GCM and exfiltrated to attacker-controlled infrastructure. The payload also includes propagation capabilities to modify GitHub repositories and npm packages using the stolen credentials. With about 12,700 daily installs before removal, this malicious artifact potentially impacted many high-value development environments.
AI Analysis
Technical Summary
The threat involves a supply chain attack targeting the PHP ecosystem via a malicious artifact of the intercom/intercom-php package version 5.0.2 on Packagist. The compromised package exploits Composer plugin execution to download and run the Bun runtime, which executes an obfuscated credential-stealing payload during installation. This payload harvests a wide range of sensitive credentials from developer and CI/CD environments, encrypts the stolen data using AES-256-GCM, and exfiltrates it to attacker infrastructure. Additionally, the payload contains logic to propagate the attack by modifying GitHub repositories and npm packages using the stolen credentials. This attack represents an expansion of the Mini Shai-Hulud supply chain attack previously seen in the npm ecosystem. The compromised package was installed approximately 12,700 times daily before its removal.
Potential Impact
The impact includes theft of highly sensitive credentials such as GitHub tokens, cloud provider credentials, SSH keys, Kubernetes tokens, and HashiCorp Vault secrets from developer machines and CI/CD environments. This can lead to unauthorized access to source code repositories, cloud infrastructure, and other critical systems. The attacker can also propagate the attack by modifying repositories and npm packages using stolen credentials, potentially expanding the compromise. The widespread installation rate suggests a significant exposure before the package was removed.
Mitigation Recommendations
No official patch or remediation guidance is provided in the available data. Since this is a supply chain compromise involving a malicious package version, the primary mitigation is to remove the compromised intercom/intercom-php package version 5.0.2 from affected environments and replace it with a verified clean version. Developers and organizations should audit their environments for signs of credential theft and unauthorized repository or package modifications. Monitoring for use of stolen credentials and rotating all potentially exposed secrets is recommended. Patch status is not yet confirmed — check the vendor advisory or Packagist announcements for current remediation guidance.
Indicators of Compromise
Technical Details
- Author: AlienVault
- TLP: white
- References: https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise
- Adversary: null
- Pulse Id: 69f4696df292a40fd0caa46d
- Threat Score: null
Threat ID: 69f8ab67cbff5d8610291231
Added to database: 5/4/2026, 2:21:27 PM
Last enriched: 5/4/2026, 2:37:04 PM
Last updated: 5/4/2026, 4:56:53 PM