THREATNOIR
Subscribe
Back to Feed
Supply ChainApr 30, 2026

‼️ Mini Shai-Hulud Malware Reaches Packagist Through Compromised Intercom PHP Package, Mirroring...

Mini Shai-Hulud malware distributed via compromised Intercom PHP package on Packagist.

Read at source

Summary

The Mini Shai-Hulud malware has been injected into a compromised Intercom PHP package hosted on Packagist, the primary package repository for PHP. This attack mirrors an earlier npm-based supply chain compromise, demonstrating attackers' continued focus on poisoning package managers to reach developers at scale.

Indicators of Compromise

  • malware — Mini Shai-Hulud

Entities

Intercom PHP Package (product)Packagist (technology)