intercom-php

MAL-2026-3637

Packagistmalware5/13/2026
Description

Malicious code in intercom-php (Packagist)

Indicators of Compromise
SHA256 Hashes (1)
0bd33abd6fda35e856f8346fda5e85913ce2cad6b4d6c315a2e7138b867760aa
Domains (1)
zero.masscan.cloud
References (3)
https://socket.dev/blog/mini-shai-hulud-packagist-malicious-intercom-php-package-compromiseOSVhttps://semgrep.dev/blog/2026/malicious-intercom-php-package-spreads-mini-shai-hulud-attack-to-packagist-via-composer-plugin/OSVhttps://github.com/advisories/GHSA-gr3r-crp5-qrrmOSV
Details
EcosystemPackagist
Attack Typemalware
Published5/13/2026
Quick Actions
All IncidentsPackagist Incidents
Agentic AI · Pentesting

Ready for Agentic Automated Testing?

Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.

Zero false positives
PoC for every finding
30+ tools orchestrated
Book a DemoLearn More
Setup in 5 minutesSOC 2 & ISO 27001