GHSA-54PG-9963-V8VG: Supply Chain Compromise and Credential Theft in intercom-client

DEV Community·CVE Reports·26 days ago

Vulnerability ID: GHSA-54PG-9963-V8VG
CVSS Score: 9.6
Published: 2026-05-07

The intercom-client npm package was compromised in a supply chain attack when a malicious version (7.0.4) was published to the public registry. This version contained an obfuscated payload designed to steal multi-cloud credentials, SSH keys, and tokens, exfiltrating them via a GitHub repository dead-drop mechanism.

TL;DR

A malicious version (7.0.4) of the intercom-client npm package executes an obfuscated preinstall hook to harvest cloud metadata and local secrets. The malware exfiltrates stolen credentials by committing them to a newly created public GitHub repository on the victim's account.…
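As an added example (not part of the advisory or the intercom-client project), the following Python script scans an npm lockfile for the compromised release named above and also flags any locked dependency that runs an install-time script, the hook this payload abused; the sample lockfile is constructed, and the `hasInstallScript` flag is only present in lockfileVersion 2/3 files.

```python
import json

# Compromised package and version named in the advisory (GHSA-54PG-9963-V8VG).
COMPROMISED = {"intercom-client": {"7.0.4"}}

# Constructed sample lockfile (not a real project's lockfile) in the npm v3
# "packages" format: one entry matches the malicious release and carries an
# install script, another is a benign package without one.
SAMPLE_LOCKFILE = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "example-app", "dependencies": {"intercom-client": "^7.0.0"}},
        "node_modules/intercom-client": {
            "version": "7.0.4",
            "hasInstallScript": True,
        },
        "node_modules/left-pad": {"version": "1.3.0"},
    },
})

def iter_packages(lock):
    """Yield (name, version, has_install_script) for every locked dependency.
    Handles lockfileVersion 2/3 ("packages" keyed by node_modules path) and
    the older lockfileVersion 1 format ("dependencies" keyed by name, nested)."""
    if "packages" in lock:
        for path, meta in lock["packages"].items():
            if not path:
                continue  # the root project entry, not a dependency
            name = path.rsplit("node_modules/", 1)[-1]  # keeps @scope/name intact
            yield name, meta.get("version"), bool(meta.get("hasInstallScript"))
    else:
        def walk(deps):
            for name, meta in deps.items():
                yield name, meta.get("version"), False  # v1 lockfiles lack the flag
                yield from walk(meta.get("dependencies", {}))
        yield from walk(lock.get("dependencies", {}))

def find_compromised(lock_text, compromised=COMPROMISED):
    """Return (name, version, reason) findings: known-bad releases first, then
    every other package that runs an install-time script and deserves review."""
    findings = []
    for name, version, has_script in iter_packages(json.loads(lock_text)):
        if version in compromised.get(name, set()):
            findings.append((name, version, "known compromised release"))
        elif has_script:
            findings.append((name, version, "runs install script, review before trusting"))
    return findings
```

Run it against a real `package-lock.json` by passing the file's contents to `find_compromised`; an empty list means neither the listed release nor any install-script package is locked.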
