Type
Campaign
Actors
Pub. date
April 30, 2026
Initial access
Supply chain vector
Impact
Data exfiltration, Supply chain attack
Observed techniques
Status
Finalized
Last edited
May 20, 2026 10:48 AM
In the PyPI package lightning, malicious code is triggered automatically upon import. The code downloads and installs the Bun runtime and executes a large (~11 MB) obfuscated JavaScript payload. This behavior enables credential harvesting from developer environments and CI/CD pipelines without requiring explicit user interaction beyond normal package usage.
Additionally, the npm package intercom-client version 7.0.4 introduces a malicious preinstall script (node setup.mjs) that executes during package installation. The setup.mjs script downloads and runs a Bun runtime binary, which then executes a local file (router_runtime.js). The Packagist PHP package intercom/intercom-php version 5.0.2 was similarly compromised.
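The npm vector above relies on a lifecycle hook that runs during installation. The following Python audit helper, added here as an illustration and not part of this record or of any of the named projects, parses a package.json and flags install-time scripts, with heuristics (assumed, not exhaustive) for the pattern described: invoking node on a bundled script, downloading content, or referencing the Bun runtime. The sample manifest is constructed; only the package name, version and `node setup.mjs` command come from the description above.

```python
import json
import re

# Lifecycle hooks that npm executes automatically during `npm install`.
INSTALL_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Heuristic patterns (assumed, not a complete list) that make an
# install-time script worth a closer look.
SUSPICIOUS = (
    (re.compile(r"\bnode\s+\S+\.(m?js|cjs)\b"), "runs a bundled script with node"),
    (re.compile(r"\b(curl|wget)\b"), "downloads content at install time"),
    (re.compile(r"\bbun\b", re.I), "references the Bun runtime"),
)


def audit_package_json(text):
    """Return (hook, command, reasons) for every install-time lifecycle
    script declared in a package.json document. An empty reasons list
    means the hook exists but matched none of the heuristics."""
    manifest = json.loads(text)
    scripts = manifest.get("scripts", {})
    findings = []
    for hook in INSTALL_HOOKS:
        command = scripts.get(hook)
        if not command:
            continue
        reasons = [why for pattern, why in SUSPICIOUS if pattern.search(command)]
        findings.append((hook, command, reasons))
    return findings


# Constructed manifest modelled on the preinstall pattern described above;
# everything except the name, version and preinstall command is made up.
SAMPLE_MANIFEST = json.dumps({
    "name": "intercom-client",
    "version": "7.0.4",
    "scripts": {
        "preinstall": "node setup.mjs",
        "test": "jest",
    },
})

if __name__ == "__main__":
    for hook, command, reasons in audit_package_json(SAMPLE_MANIFEST):
        label = "SUSPICIOUS" if reasons else "review"
        print(f"{label}: {hook} -> {command!r} ({', '.join(reasons) or 'install-time hook'})")
```

Running the same function over every package.json under a project's node_modules (or over a lockfile's resolved tarballs before installing) gives a quick inventory of which dependencies execute code at install time.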