---
title: "semgrep intercom php security"
source: newsletter
source_url: https://semgrep.dev/blog/2026/malicious-intercom-php-package-spreads-mini-shai-hulud-attack-to-packagist-via-composer-plugin/
source_feed: TLDR AI (newsletter)
ingested: 2026-05-08
review_value: 7
review_confidence: 7
review_verdict: strong
stars: 4
sha256: 6fda24b6ce866fea
type: raw
created: 2026-05-10
updated: 2026-05-10
tags: []
---
# Malicious Intercom PHP Package Spreads Mini Shai-Hulud Attack to Packagist via Composer Plugin

intercom/intercom-php 5.0.2 was compromised and converted into a Composer plugin that exfiltrates credentials at install time, extending the Mini Shai-Hulud campaign to PHP.
April 30th, 2026

After compromising Lightning on PyPI earlier today, the same attackers compromised version 5.0.2 of the intercom/intercom-php package on Packagist, overwriting the existing release with malicious code that converts the package into a Composer plugin. The malicious plugin executes during package installation, downloading the Bun JavaScript runtime and running an obfuscated credential-stealing payload. This extends the Mini Shai-Hulud campaign from npm to the PHP ecosystem, using Composer's plugin system for install-time execution. Using the same payload as the npm campaign, it steals credentials including GitHub tokens, SSH keys, cloud provider credentials, and environment variables, then encrypts and exfiltrates the data.

This comes after the npm package intercom-client, the official Node.js SDK for Intercom's API, was compromised earlier today. That package runs setup.mjs via a preinstall hook, meaning any machine that installed the malicious 7.0.4 release was exposed before the package was ever imported or used. intercom-client and intercom-php see roughly 400,000 weekly downloads and are commonly installed in backend services, developer environments, and CI/CD pipelines, making them a high-value target for credential theft.

## For Semgrep Customers

Semgrep has published an advisory and a rule you can use to check your projects.

1. Trigger a new scan of your projects if you haven't run one recently.
2. Check the advisories page to see whether any projects have installed these package versions recently: [_https://semgrep.dev/orgs/-/advisories_](https://semgrep.dev/orgs/semgrep/advisories/ssc-9fbdde92-b3ee-447d-b342-45d72aa3dca4)
3. Check your [_dependency filter_](https://semgrep.dev/orgs/-/supply-chain/t/all?f=CgAqAEIASgBaAHIAigEDvukRogEAqgEAsgEAugEA0gEA2gEA4gEA6gEA%2BgEAiAIBkgIAmgIAugIA8gIA%2BgIAggMAigMAmgMBAaIDAKoDALoDAA%3D%3D) for matches.
If you see "No matching dependencies", you are not actively using the malicious dependency in any of your projects. If you did match, additional remediation advice and indicators of compromise are below.

**If you matched:** Audit your repositories for the injected files listed in the IoCs below.

## How PHP Attacks Work Differently Compared to NPM and PyPI

PHP's package ecosystem runs on two pieces: Composer (the dependency manager) and Packagist (packagist.org), the default registry. The architecture is worth understanding, since it shapes the attack surface in ways that differ from npm or PyPI.

Packagist isn't a file store: authors don't upload tarballs. They register a VCS repository URL, and Packagist crawls their composer.json, indexes tags, and serves that metadata to anyone running `composer require`. The actual code stays in GitHub, GitLab, or Bitbucket. Publishing is: submit a repo URL, authenticate via GitHub OAuth, add a webhook. Tag a release, the webhook fires, Packagist re-indexes.

Because there is no pre-publish quarantine gate, that publishing path becomes the attack surface. Malware scanning pipelines were introduced for PyPI and npm after many high-profile incidents. If an attacker compromises a maintainer's GitHub account and pushes a malicious tag, the webhook fires within minutes and Packagist serves the new version to anyone running `composer update`. Transitive exposure compounds it: if a popular library takes a dependency on a compromised package, every downstream project picks it up without ever having explicitly required it. Replication isn't a feature of the attack; it's a feature of how Composer resolves dependencies.

Semgrep Supply Chain addresses this at two layers. For known vulnerabilities, it ingests security advisories and processes updates regularly, so when an incident surfaces a CVE, new rules get generated.
PHP is fully supported with reachability analysis covering critical and high severity CVEs back to 2017, which means Semgrep doesn't stop at the version check: it checks whether your code actually calls the vulnerable function. Findings come back as reachable, unreachable, or conditionally reachable. Malicious incidents like this one are different: they require more proactive detection and rule creation on an urgent timeline.

For [_transitive dependencies_](https://semgrep.dev/docs/semgrep-supply-chain/overview#transitive-dependencies-and-reachability-analysis), Semgrep scans them for known vulnerable versions across all supported languages but doesn't run code-level reachability analysis through the full dependency chain. The exception: if a vulnerability is exploitable through mere inclusion, with no function call required, Semgrep flags it as reachable regardless of whether the dependency is direct or transitive. One PHP-specific gap worth knowing: lockfile-free scanning isn't supported, so composer.lock needs to be present and committed.

## Indicators of Compromise

As this is a continuation of the Mini Shai-Hulud attack [_from today_](https://semgrep.dev/blog/2026/malicious-dependency-in-pytorch-lightning-used-for-ai-training/) and [_earlier this week_](https://semgrep.dev/blog/2026/sap-npm-packages-compromised-in-supply-chain-attack-using-obfuscated-bun-runtime-payload/), refer to our previous blog posts for the full analysis of the IoCs; the key IoCs for this package are listed below.
### Packages

- `intercom/intercom-php@5.0.2`

### Domains / C2 Servers

- `zero.masscan.cloud`

### Files / System Artifacts

- `setup-intercom.sh`
- `router_runtime.js`
- `src/composerPlugin.php`
- `/tmp/tmp.987654321.lock`
- `.claude/router_runtime.js`
- `.claude/setup.mjs`
- `.claude/settings.json`
- `.vscode/setup.mjs`
- `.vscode/tasks.json`
- `results/results-*.json`
- `package-updated.tgz`
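As an added example (not code from the Semgrep post), the script below performs the audit the post recommends for matched projects: it checks composer.lock for the compromised release, flags any locked package that declares itself a `composer-plugin` without an entry in Composer's `config.allow-plugins` setting in composer.json (the install-time execution mechanism this attack abused), and looks for the repository-level IoC paths listed above. The sample composer.lock excerpt and allow-plugins mapping are constructed, and the wildcard matching is an approximation of Composer's own.

```python
import fnmatch
from pathlib import Path

# Compromised release named in the post.
COMPROMISED = {("intercom/intercom-php", "5.0.2")}
# Repository-relative artefacts from the IoC list (/tmp/tmp.987654321.lock is host-level, not checked).
IOC_PATHS = ["setup-intercom.sh", "router_runtime.js", "src/composerPlugin.php",
             ".claude/router_runtime.js", ".claude/setup.mjs", ".claude/settings.json",
             ".vscode/setup.mjs", ".vscode/tasks.json", "package-updated.tgz"]
IOC_GLOBS = ["results/results-*.json"]

# Constructed sample composer.lock excerpt: a library that now declares itself a plugin.
SAMPLE_LOCK = {"packages": [
    {"name": "intercom/intercom-php", "version": "5.0.2", "type": "composer-plugin"},
    {"name": "monolog/monolog", "version": "3.5.0", "type": "library"}], "packages-dev": []}
SAMPLE_COMPOSER_JSON = {"config": {"allow-plugins": {"phpstan/extension-installer": True}}}

def plugin_allowed(name, allow_plugins):
    """Approximate Composer's config.allow-plugins: True allows every plugin,
    a mapping allows names (or wildcard patterns such as vendor/*) set to true."""
    if allow_plugins is True:
        return True
    if not isinstance(allow_plugins, dict):
        return False
    return any(v is True and fnmatch.fnmatch(name, pat) for pat, v in allow_plugins.items())

def audit_lock(lock, composer_json):
    """Findings: pinned compromised releases, and install-time plugins composer.json
    does not explicitly allow (a library that turned into a plugin shows up here)."""
    allow = composer_json.get("config", {}).get("allow-plugins", {})
    findings = []
    for pkg in lock.get("packages", []) + lock.get("packages-dev", []):
        name, version = pkg.get("name", ""), pkg.get("version", "").lstrip("v")
        if (name, version) in COMPROMISED:
            findings.append(f"compromised release pinned: {name} {version}")
        if pkg.get("type") == "composer-plugin" and not plugin_allowed(name, allow):
            findings.append(f"composer-plugin not in allow-plugins: {name}")
    return findings

def audit_tree(root):
    """Return IoC paths that exist under the repository root."""
    root = Path(root)
    hits = [p for p in IOC_PATHS if (root / p).exists()]
    return hits + [str(p.relative_to(root)) for g in IOC_GLOBS for p in root.glob(g)]

if __name__ == "__main__":  # offline run against the constructed sample
    for finding in audit_lock(SAMPLE_LOCK, SAMPLE_COMPOSER_JSON):
        print("FINDING:", finding)
```

To run it against a real checkout, load composer.lock and composer.json with `json.load` and pass the parsed dicts to `audit_lock`, then pass the repository root to `audit_tree`.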