{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/products/npm/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":[],"_cs_cves":[],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["intercom-client (= 7.0.4)","AWS","GCP","Azure","github.com","npm"],"_cs_severities":["critical"],"_cs_tags":["supply-chain","credential-theft","npm"],"_cs_type":"advisory","_cs_vendors":["npm","GitHub","Amazon","Google","Microsoft","Intercom"],"content_html":"\u003cp\u003eOn April 30, 2026, version 7.0.4 of the intercom-client npm package was published using a compromised developer account. This version was not created through Intercom\u0026rsquo;s official build pipeline. The malicious package contained an obfuscated JavaScript payload that was designed to execute upon installation via a \u003ccode\u003epreinstall\u003c/code\u003e hook. This payload was designed to harvest sensitive credentials from the environment in which it was running, including cloud provider credentials (AWS, GCP, and Azure), environment variables, \u003ccode\u003e.env\u003c/code\u003e files, GitHub and npm tokens, SSH keys, local configuration files, and cloud metadata service credentials. The stolen credentials were then exfiltrated to attacker-controlled GitHub repositories. The compromised package was available on npm for approximately 2 hours, between 15:00 and 17:00 UTC. This incident is part of the \u0026ldquo;Mini Shai-Hulud\u0026rdquo; supply chain campaign, as tracked by Wiz and Socket. Developers are advised to check their projects for the presence of version 7.0.4 using \u003ccode\u003enpm list intercom-client\u003c/code\u003e and rotate credentials if found.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker compromises a developer account with publishing privileges for the intercom-client npm package.\u003c/li\u003e\n\u003cli\u003eThe attacker publishes a malicious version of the intercom-client package (version 7.0.4) to npm.\u003c/li\u003e\n\u003cli\u003eThe malicious package includes an obfuscated JavaScript payload within a \u003ccode\u003epreinstall\u003c/code\u003e hook.\u003c/li\u003e\n\u003cli\u003eWhen a developer installs the compromised package using \u003ccode\u003enpm install intercom-client\u003c/code\u003e, the \u003ccode\u003epreinstall\u003c/code\u003e script automatically executes.\u003c/li\u003e\n\u003cli\u003eThe obfuscated JavaScript payload harvests credentials from the environment, including cloud provider credentials (AWS, GCP, Azure), environment variables, .env files, GitHub and npm tokens, SSH keys, local configuration files, and cloud metadata service credentials.\u003c/li\u003e\n\u003cli\u003eThe harvested data is exfiltrated to attacker-controlled GitHub repositories.\u003c/li\u003e\n\u003cli\u003eThe attacker gains access to the stolen credentials, potentially allowing them to compromise cloud infrastructure, source code repositories, and other sensitive resources.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eThe compromise of the intercom-client npm package resulted in the potential theft of sensitive credentials, including cloud provider credentials, API keys, and SSH keys. The impact could include unauthorized access to cloud infrastructure, source code repositories, and other sensitive resources. This attack affects any developer or organization that installed version 7.0.4 of the intercom-client package between 15:00 and 17:00 UTC on April 30, 2026. The long-term consequences depend on the extent to which the stolen credentials are used to further compromise systems and data.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade the intercom-client package to version 7.0.3 or earlier to avoid the compromised version, as mentioned in the \u003ca href=\"#patches\"\u003ePatches\u003c/a\u003e section.\u003c/li\u003e\n\u003cli\u003eImmediately rotate all credentials (cloud provider credentials, environment variables, API keys, SSH keys) accessible from any environment where version 7.0.4 was installed, as recommended in the \u003ca href=\"#workarounds\"\u003eWorkarounds\u003c/a\u003e section.\u003c/li\u003e\n\u003cli\u003eReview CI/CD build logs for any \u003ccode\u003enpm install\u003c/code\u003e commands that resolved to version 7.0.4 between 15:00 and 17:00 UTC on April 30, 2026, to identify potentially affected systems, as described in the \u003ca href=\"#workarounds\"\u003eWorkarounds\u003c/a\u003e section.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Suspicious npm Preinstall Script\u0026rdquo; to identify potentially malicious npm package installations based on unusual script execution.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-08T12:00:00Z","date_published":"2026-05-08T12:00:00Z","id":"/briefs/2026-05-npm-intercom-client-compromise/","summary":"A compromised version (7.0.4) of the intercom-client npm package was published using a compromised developer account, containing obfuscated JavaScript that executed during installation to harvest and exfiltrate credentials from the environment, as part of the 'Mini Shai-Hulud' supply chain campaign.","title":"Compromised intercom-client npm Package Exfiltrates Credentials","url":"https://feed.craftedsignal.io/briefs/2026-05-npm-intercom-client-compromise/"}],"language":"en","title":"CraftedSignal Threat Feed — Npm","version":"https://jsonfeed.org/version/1.1"}