Source: www.stepsecurity.io, 4/30/2026, 4:19:39 PM

Shai Hulud worm hijacks Intercom SDK to steal cloud credentials


According to StepSecurity, the Shai-Hulud worm has pivoted to a multi-cloud credential sweep, this time through intercom-client@7.0.4, the official Intercom Node[.]js SDK with 361,510 weekly downloads. The malicious version was published today at 14:41 UTC through a hijacked GitHub Actions OIDC publishing pipeline, indicating active propagation via CI/CD credentials stolen from yesterday's victims.

The payload expands beyond prior targets to collect AWS credentials via the IMDS endpoint (169.254.169[.]254), GCP service account tokens via the metadata server, and Azure credentials, along with private keys and broad API key patterns. It uses an obfuscated 11.7 MB router_runtime.js payload and a Bun loader to evade detection, and exfiltrates stolen data to the victim’s GitHub account through api.github[.]com, creating a private repository and encrypting the harvested credentials there.

The incident is attributed to the Shai-Hulud / TeamPCP campaign, with indicators including a Bun v1.3.13 loader, a unique __decodeScrambled cipher, and a preinstall hook in intercom-client@7.0.4. Remediation steps and protections are outlined by StepSecurity.
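The indicators above (the package/version pair, a preinstall hook, a large router_runtime.js, and the __decodeScrambled routine) are enough to write a local triage check. The following scanner is an added example, not StepSecurity's or Intercom's code: it walks a project's node_modules trees and its package-lock.json looking for those indicators and reports each finding. The sample project it builds is constructed data used only to demonstrate the checks; real trees, lockfile layouts and file sizes will differ.

```python
"""Triage a Node.js project for the intercom-client@7.0.4 indicators.

Added example; indicators are taken from the report above. The sample
project built by run_demo() is constructed, not a real capture.
"""
import json
import os
import tempfile
from pathlib import Path

COMPROMISED = {("intercom-client", "7.0.4")}   # package/version pair from the report
PAYLOAD_FILE = "router_runtime.js"             # reported as an obfuscated 11.7 MB file
PAYLOAD_MARKER = "__decodeScrambled"           # cipher routine named in the report


def inspect_package_dir(pkg_dir: Path) -> list:
    """Return findings for one directory that contains a package.json."""
    findings = []
    try:
        manifest = json.loads((pkg_dir / "package.json").read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return findings
    name, version = manifest.get("name"), manifest.get("version")
    if (name, version) in COMPROMISED:
        findings.append(f"{pkg_dir}: compromised package {name}@{version}")
    scripts = manifest.get("scripts") or {}
    if "preinstall" in scripts:
        # Lifecycle hooks execute at install time; every one deserves a look.
        findings.append(f"{pkg_dir}: preinstall hook {scripts['preinstall']!r}")
    payload = pkg_dir / PAYLOAD_FILE
    if payload.is_file():
        size_mb = payload.stat().st_size / (1024 * 1024)
        findings.append(f"{pkg_dir}: {PAYLOAD_FILE} present ({size_mb:.1f} MB)")
    for js in pkg_dir.glob("*.js"):
        try:
            if PAYLOAD_MARKER in js.read_text(encoding="utf-8", errors="ignore"):
                findings.append(f"{js}: contains {PAYLOAD_MARKER}")
        except OSError:
            continue
    return findings


def scan_node_modules(root: Path) -> list:
    """Walk every node_modules tree under root and collect findings."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(root):
        if "package.json" in filenames and "node_modules" in Path(dirpath).parts:
            findings.extend(inspect_package_dir(Path(dirpath)))
    return findings


def scan_lockfile(lockfile: Path) -> list:
    """Check a package-lock.json (lockfileVersion 2/3 'packages' map) for the bad pin."""
    findings = []
    try:
        lock = json.loads(lockfile.read_text(encoding="utf-8"))
    except (OSError, ValueError):
        return findings
    for path, entry in (lock.get("packages") or {}).items():
        # Keys look like "node_modules/<name>" or "node_modules/a/node_modules/<name>".
        name = path.rsplit("node_modules/", 1)[-1]
        if (name, entry.get("version")) in COMPROMISED:
            findings.append(f"{lockfile}: pins {name}@{entry['version']} at {path!r}")
    return findings


def build_sample_project(base: Path) -> Path:
    """Construct a small sample project (constructed data, not a real capture)."""
    proj = base / "app"
    bad = proj / "node_modules" / "intercom-client"
    bad.mkdir(parents=True)
    (bad / "package.json").write_text(json.dumps({
        "name": "intercom-client", "version": "7.0.4",
        "scripts": {"preinstall": "node router_runtime.js"},
    }), encoding="utf-8")
    (bad / PAYLOAD_FILE).write_text("function __decodeScrambled(s){return s}", encoding="utf-8")
    good = proj / "node_modules" / "example-lib"   # benign placeholder package
    good.mkdir(parents=True)
    (good / "package.json").write_text(json.dumps({"name": "example-lib", "version": "1.2.3"}),
                                       encoding="utf-8")
    (proj / "package-lock.json").write_text(json.dumps({
        "lockfileVersion": 3,
        "packages": {
            "": {"name": "app"},
            "node_modules/intercom-client": {"version": "7.0.4"},
            "node_modules/example-lib": {"version": "1.2.3"},
        },
    }), encoding="utf-8")
    return proj


def run_demo() -> dict:
    """Build the constructed sample project, scan it, and return both result lists."""
    with tempfile.TemporaryDirectory() as tmp:
        proj = build_sample_project(Path(tmp))
        return {"tree": scan_node_modules(proj),
                "lock": scan_lockfile(proj / "package-lock.json")}


if __name__ == "__main__":
    for kind, items in run_demo().items():
        for line in items:
            print(f"[{kind}] {line}")
```

On a real checkout, point `scan_node_modules` at the repository root and `scan_lockfile` at each lockfile; a preinstall hook on its own is only worth a review, but the package/version pair or the router_runtime.js / __decodeScrambled combination matches the reported indicators directly.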


Article by CyberSIXT