# Credential-Stealing Malware Found in Popular Intercom Libraries

*Friday, May 1, 2026 at 6:14 AM UTC — Hamer Intelligence Services Desk*

**Published**: 2026-05-01T06:14:14.178Z
**Category**: cyber | **Region**: Global
**Importance**: 8/10
**Sources**: OSINT
**Permalink**: https://hamerintel.com/data/articles/2208.md
**Source**: https://hamerintel.com/summaries

---

**Deck**: Security researchers report that on May 1, 2026, malicious code linked to the ‘Mini Shai‑Hulud’ campaign was detected in intercom-client (npm) and intercom-php (Packagist) libraries. The compromise uses install-time hooks to steal a wide range of developer and cloud credentials.

## Key Takeaways
- Malicious updates to intercom-client (npm) and intercom-php (Packagist) were identified by early May 1, 2026.
- The campaign, dubbed “Mini Shai‑Hulud,” deploys install-time credential stealers targeting GitHub, cloud, SSH, Kubernetes, Vault, Docker, and environment files.
- The incident follows earlier supply-chain compromises in other AI/ML-related packages, suggesting an expanding operation.
- Organizations using these packages face risk of source code theft, infrastructure compromise, and lateral movement across cloud estates.

On May 1, 2026, around 06:10 UTC, security analysts disclosed that widely used Intercom integration libraries intercom-client (for npm/Node.js) and intercom-php (for Packagist/PHP) had been compromised as part of a broader campaign known as “Mini Shai‑Hulud.” The malicious versions introduce install-time hooks that deploy a credential-stealing payload on developer and CI/CD systems, significantly elevating the threat of software supply-chain compromise.

The newly revealed compromise appears to be a continuation or expansion of an operation that previously targeted other popular open-source packages, including in the AI and machine learning ecosystem. Rather than attacking production servers directly, the adversary leverages trust in public package repositories. Once a developer or automated pipeline installs the tainted package, the embedded script quietly executes and exfiltrates sensitive authentication materials.

The payload reportedly targets a broad spectrum of secrets: GitHub access tokens, cloud provider credentials, SSH keys, Kubernetes configuration files, HashiCorp Vault tokens, Docker configuration, and generic `.env` files often used to store API keys and database passwords. This breadth of collection suggests the attackers are not focused on a single vendor or platform, but on gaining durable, reusable access across a victim’s entire software and infrastructure stack.

Key players in this incident include the unknown threat actors behind the Mini Shai‑Hulud campaign, the maintainers and communities around the affected Intercom libraries, and the administrators of npm and Packagist repositories. Security vendors, incident responders, and enterprise defenders are now engaged in tracing the infection window, identifying affected versions, and scoping potential downstream compromise.

This development matters because the attacked components are not niche: Intercom is widely used for customer communication, and its libraries are often integrated deeply into web backends and SaaS platforms. Compromise at the package level can silently propagate into hundreds or thousands of businesses, including those handling regulated or sensitive data, without any explicit intrusion into their own repositories.

Moreover, the types of credentials targeted—source-control tokens, cloud keys, and Kubernetes secrets—are the building blocks of modern digital operations. With a single compromised GitHub token, an attacker can insert backdoors into proprietary code, pivot into CI/CD infrastructure, or steal intellectual property. Cloud credentials can enable data theft, ransomware deployment at scale, or abuse of compute resources for cryptomining and further attacks.

In regional terms, the incident's impact is global, as npm and Packagist users span North America, Europe, Asia-Pacific, and beyond. The compromise underscores the growing strategic importance of software supply-chain security, an area that state and non-state actors alike are exploiting to achieve disproportionate effects with limited initial access.

## Outlook & Way Forward

In the near term, defenders should expect a rolling disclosure process as more indicators of compromise (IOCs) and affected versions are identified. Organizations using intercom-client or intercom-php should immediately audit installed versions, cross-check against emerging advisories, rotate all potentially exposed credentials, and inspect build logs and endpoints for signs of exfiltration activity.

Medium-term, the Mini Shai‑Hulud campaign is likely to broaden its target set, given the attackers’ apparent success in compromising multiple popular packages. We should anticipate further attempts against high-download libraries, especially those tied to cloud, AI/ML, and developer tooling. Strategic responses will require stronger provenance controls (such as signed artifacts and reproducible builds), tighter dependency governance, and enhanced behavioral monitoring of package install scripts in both developer workstations and CI/CD environments.
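One concrete form of the audit and install-script monitoring recommended above, added here as an example that is not from the article, from Intercom, or from any advisory: a small Python scanner that lists installed npm dependencies declaring install-time lifecycle scripts and Composer dependencies installed as plugins, the two routes by which a dependency gets code execution during `npm install` or `composer install`. The package names and manifests it builds in `demo()` are constructed for illustration; the page gives no affected version numbers, so none are used.

```python
import json
import os
import tempfile

# Lifecycle scripts that `npm install` runs automatically for a dependency.
NPM_INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")
# Composer runs only the root package's scripts, but a dependency declared
# as a "composer-plugin" gets code execution through the plugin API.
COMPOSER_PLUGIN_TYPE = "composer-plugin"

def npm_install_hooks(manifest: dict) -> dict:
    """Return the install-time scripts declared in a parsed package.json."""
    scripts = manifest.get("scripts") or {}
    return {k: v for k, v in scripts.items() if k in NPM_INSTALL_HOOKS}

def composer_is_plugin(manifest: dict) -> bool:
    """True if a parsed composer.json declares a Composer plugin."""
    return manifest.get("type") == COMPOSER_PLUGIN_TYPE

def scan_tree(root: str) -> list:
    """Walk node_modules/ and vendor/ under root; return (ecosystem, name, detail)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        parts = dirpath.split(os.sep)
        if "package.json" in files and "node_modules" in parts:
            with open(os.path.join(dirpath, "package.json")) as fh:
                m = json.load(fh)
            hooks = npm_install_hooks(m)
            if hooks:
                findings.append(("npm", m.get("name", dirpath), hooks))
        if "composer.json" in files and "vendor" in parts:
            with open(os.path.join(dirpath, "composer.json")) as fh:
                m = json.load(fh)
            if composer_is_plugin(m):  # detail is the plugin entry-point class
                findings.append(("composer", m.get("name", dirpath), m.get("extra", {}).get("class")))
    return sorted(findings, key=lambda f: f[:2])

def demo() -> list:  # builds a constructed sample tree of made-up packages, then scans it
    root = tempfile.mkdtemp()
    samples = {
        "node_modules/benign-lib/package.json": {"name": "benign-lib", "scripts": {"test": "jest"}},
        "node_modules/suspect-lib/package.json": {"name": "suspect-lib", "scripts": {"postinstall": "node ./setup.js"}},
        "vendor/acme/plain-lib/composer.json": {"name": "acme/plain-lib", "type": "library"},
        "vendor/acme/hook-plugin/composer.json": {"name": "acme/hook-plugin", "type": "composer-plugin", "extra": {"class": "Acme\\Hook\\Plugin"}},
    }
    for rel, manifest in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            json.dump(manifest, fh)
    return scan_tree(root)
```

Run `scan_tree(".")` in a real checkout and compare the list against a known-good baseline; a hook is not proof of compromise, but one that newly appears in a library that had none before is exactly what this campaign's install-time payloads look like. Setting `ignore-scripts=true` in `.npmrc` and keeping an explicit `allow-plugins` list in `composer.json` stops such hooks from running silently in the first place.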

Longer term, this incident will add pressure on ecosystem stewards and regulators to formalize baseline security expectations for public package repositories. Measures could include stricter maintainer identity verification, anomaly detection for sudden code changes, and default warnings on packages that execute install-time hooks. Analysts should watch for attribution clues that might link Mini Shai‑Hulud to known threat groups, as well as any confirmed cases where exfiltrated credentials led to high-profile breaches, which would significantly elevate the geopolitical and economic stakes of the campaign.
