{"uuid": "bf06c934-1cd7-40c6-bfde-28e2928ae584", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-54PG-9963-V8VG", "type": "seen", "source": "https://gist.github.com/alon710/8afde5a27397b507920e321a8ed8bd55", "content": "# GHSA-54PG-9963-V8VG: GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client\n\n> **CVSS Score:** 9.6\n> **Published:** 2026-05-07\n> **Full Report:** https://cvereports.com/reports/GHSA-54PG-9963-V8VG\n\n## Summary\nThe intercom-client npm package was compromised in a supply chain attack when a malicious version (7.0.4) was published to the public registry. This version contained an obfuscated payload designed to steal multi-cloud credentials, SSH keys, and tokens, exfiltrating them via a GitHub repository dead-drop mechanism.\n\n## TL;DR\nA malicious version (7.0.4) of the intercom-client npm package executes an obfuscated preinstall hook to harvest cloud metadata and local secrets. The malware exfiltrates stolen credentials by committing them to a newly created public GitHub repository on the victim's account.\n\n## Exploit Status: ACTIVE\n\n## Technical Details\n\n- **CWE ID**: CWE-506\n- **Attack Vector**: Network (Supply Chain)\n- **CVSS v3.1 Score**: 9.6\n- **Impact**: Credential Theft & Exfiltration\n- **Exploit Status**: Active Exploitation\n- **Malicious Component**: router_runtime.js\n\n## Affected Systems\n\n- Node.js build environments\n- CI/CD pipelines executing npm install\n- Developer workstations utilizing intercom-client\n- Cloud instances (AWS, GCP, Azure) running the compromised software\n- **intercom-client**: == 7.0.4 (Fixed in: `7.0.3`)\n\n## Mitigation\n\n- Strict dependency version pinning to prevent automatic ingestion of new, unverified package versions.\n- Implementation of egress network filtering in CI/CD pipelines to block unauthorized API calls and IMDS querying.\n- Enforcement of least privilege principles for developer accounts and cloud instance roles.\n- Utilization of --ignore-scripts flag during npm installations to prevent automatic execution of lifecycle hooks.\n\n**Remediation Steps:**\n1. Audit environment dependencies using 'npm list intercom-client' to identify instances of version 7.0.4.\n2. Downgrade 'intercom-client' to version 7.0.3 in package.json and forcefully update lock files.\n3. Search the organization's GitHub account for public repositories with the description 'A Mini Shai-Hulud has Appeared'.\n4. Revoke and rotate all cloud credentials (AWS, GCP, Azure), GitHub tokens, npm tokens, and SSH keys accessible on compromised hosts.\n5. Review cloud provider logs (CloudTrail, etc.) for unauthorized access using potentially compromised instance roles.\n\n## References\n\n- [GitHub Security Advisory GHSA-54PG-9963-V8VG](https://github.com/advisories/GHSA-54PG-9963-V8VG)\n- [Intercom Status Incident](https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59)\n- [Socket Analysis of Supply Chain Attack](https://socket.dev/blog/intercom-s-npm-package-compromised-in-supply-chain-attack)\n- [Wiz Research on Mini Shai-Hulud](https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm)\n- [StepSecurity Details on Shai-Hulud Worm](https://www.stepsecurity.io/blog/shai-hulud-worm-pivots-to-multi-cloud-intercom-client-hijacked)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-54PG-9963-V8VG) - Automated Vulnerability Intelligence*", "creation_timestamp": "2026-05-07T18:40:29.000000Z"}