Mastodawn

github.com/ghostwriter May 1

Supply chain attack affecting Intercom has expanded beyond #npm and into the #PHP ecosystem.

`intercom/[email protected]`

https://github.com/intercom/intercom-php/security/advisories/GHSA-gr3r-crp5-qrrm

https://github.com/intercom/intercom-node/security/advisories/GHSA-54pg-9963-v8vg

https://www.intercomstatus.com/us-hosting/incidents/01KQFN6VS6ARP1XBR1K1SBYY59

https://www.wiz.io/blog/mini-shai-hulud-supply-chain-sap-npm

https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromise

#PHP #ComposerPHP #Composer #Intercom #SupplyChain #SupplyChainAttack #MiniShaiHulud

Compromised tag of intercom-php published via GitHub

### Impact On April 30, 2026, a malicious commit was pushed to the intercom/intercom-php repository and tagged as version 5.0.2, using a compromised service account (github-management-service). ...

GitHub