Supply Chain Attacks Target PyTorch Lightning and Intercom-client: Credential Theft Campaign Unveiled
Introduction
In a disturbing escalation of software supply chain threats, attackers have successfully compromised two widely-used Python packages—PyTorch Lightning and Intercom-client—to distribute malicious versions that steal credentials. According to security firms Aikido Security, OX Security, Socket, and StepSecurity, the campaigns were executed with precision, targeting developers and organizations relying on these tools. This article breaks down the incidents, the techniques used, and how to stay protected.

The Attack on PyTorch Lightning
PyTorch Lightning, a popular deep learning framework wrapper, was hit by a credential-stealing campaign. The attackers managed to publish two malicious versions—2.6.2 and 2.6.3—on April 30, 2026. These versions were designed to appear legitimate but contained hidden code that extracted sensitive data such as API keys and environment variables from infected systems.
How the PyTorch Lightning Compromise Worked
The malicious versions were uploaded to the official Python Package Index (PyPI) under the same package name. Users who installed either version via pip install pytorch-lightning between the release date and the takedown were at risk. The payload, embedded in the package's setup script, executed during installation, collecting credentials and exfiltrating them to a remote server. The attack leveraged the trust developers place in popular open-source packages, making it a classic supply chain infiltration.
The Intercom-client Compromise
Concurrently, the Intercom-client package—used to integrate Intercom's customer messaging API—was also targeted. While fewer details are publicly available, security researchers confirmed that the package was compromised in a similar fashion. Attackers injected credential-stealing logic into a legitimate version, aiming to harvest login credentials, API tokens, and other secrets from development environments.
Similarities and Differences
Both attacks share the same objective: credential theft. However, the PyTorch Lightning campaign involved two consecutive malicious version releases, whereas the Intercom-client attack appears to have been a single poisoned update. The attackers likely chose these packages due to their high download counts and integration in sensitive workflows.
Techniques Used in the Campaign
Security analysts from OX Security and StepSecurity identified several common techniques:
- Typosquatting and domain spoofing – Attackers registered similar-looking package names to trick users.
- Code obfuscation – The malicious payload was hidden using base64 encoding and string manipulation.
- Environment variable scraping – The script scanned os.environ for keys like API_KEY, SECRET_TOKEN, and PASSWORD.
- Dependency confusion – Exploiting internal package management misconfigurations to pull malicious versions.
These methods are increasingly common in modern supply chain attacks, as highlighted by Socket and Aikido Security in their respective reports.
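The indicators listed above (environment variable scraping, base64 obfuscation, and code that runs from the setup script) are simple enough to check for statically before a package is installed. The following scanner is an added example written for this article, not code from any of the security firms named here; the indicator patterns are assumptions based on the techniques described, the network-call pattern is an extra assumption, and both setup.py samples are constructed (the "suspicious" one carries a placeholder blob and is not a working payload).

```python
import re

# Indicator patterns modelled on the techniques described in the article.
# These are assumptions for illustration, not a published detection signature.
INDICATORS = {
    "env_scrape": re.compile(r"\bos\.environ\b|\bgetenv\s*\("),
    "base64_decode": re.compile(r"\bb64decode\s*\(|\bbase64\.decodebytes\s*\("),
    "dynamic_exec": re.compile(r"\b(?:exec|eval)\s*\("),
    # added assumption: outbound network calls are rare in a legitimate setup.py
    "network_call": re.compile(r"\burlopen\s*\(|\brequests\.(?:get|post)\s*\(|\bsocket\.socket\s*\("),
}


def scan_setup_source(source: str) -> list[str]:
    """Return the names of all indicators present in a setup.py source, in a fixed order."""
    return [name for name, pattern in INDICATORS.items() if pattern.search(source)]


def is_suspicious(source: str, threshold: int = 2) -> bool:
    """A single indicator (e.g. reading HOME) is common; two or more together warrant review."""
    return len(scan_setup_source(source)) >= threshold


# Constructed sample: an ordinary setuptools-based setup.py
BENIGN_SETUP = '''
from setuptools import setup, find_packages

setup(
    name="example-pkg",
    version="1.0.0",
    packages=find_packages(),
)
'''

# Constructed sample: contains the indicators from the article but no working payload
SUSPICIOUS_SETUP = '''
import os, base64
from setuptools import setup

token = os.environ.get("API_KEY")
exec(base64.b64decode("PLACEHOLDER_BLOB"))

setup(name="example-pkg", version="1.0.0")
'''

if __name__ == "__main__":
    for label, src in (("benign", BENIGN_SETUP), ("suspicious", SUSPICIOUS_SETUP)):
        hits = scan_setup_source(src)
        verdict = "FLAG FOR REVIEW" if is_suspicious(src) else "ok"
        print(f"{label}: {hits} -> {verdict}")
```

Running the scanner over the contents of a downloaded sdist's setup.py (for example after `pip download --no-binary :all: <package>`) gives a cheap pre-install check; the threshold keeps a lone `os.environ` read, which many legitimate build scripts perform, from generating noise.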

Impact and Mitigation
Who Is Affected
Any developer or organization that installed PyTorch Lightning v2.6.2 or v2.6.3 or a compromised version of Intercom-client between late April and early May 2026 is potentially affected. The stolen credentials could lead to unauthorized access to cloud services, databases, and source code repositories.
Steps to Mitigate
- Immediately rotate all credentials – API keys, database passwords, and any secrets stored in environment variables should be regenerated.
- Audit your dependencies – Check your requirements.txt or Pipfile for the affected versions and remove them.
- Use package verification tools – Employ software composition analysis (SCA) tools like those from Socket or OX Security to detect malicious packages.
- Enable two-factor authentication – Turn it on for all critical accounts and services to add an extra layer of security.
- Monitor for suspicious activity – Review logs for unusual API calls or login attempts.
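The dependency audit step can be automated. The script below is an added example written for this article, not tooling from any of the vendors mentioned; it checks a requirements.txt for the PyTorch Lightning versions named above (2.6.2 and 2.6.3) and flags any pin of the Intercom client for manual verification, since the article gives no version for it. The PyPI name intercom-client and the sample requirements file are assumptions constructed for the example.

```python
import re

# Versions named in the article. The Intercom-client entry is a placeholder:
# no affected version is stated, so any pin is reported for manual checking.
AFFECTED = {
    "pytorch-lightning": {"2.6.2", "2.6.3"},
    "intercom-client": set(),
}

# name, optional [extras], optional operator, version/spec (stops at ';', '#' or whitespace)
_REQ_LINE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(==|~=|>=|<=|!=|>|<)?\s*([^\s;#]*)"
)


def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, runs of '-', '_' and '.' collapse to a single '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def audit_requirements(text: str) -> list[dict]:
    """Report every line that names a package from the campaign, with a status."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or a pip option such as -r / --index-url
        match = _REQ_LINE.match(line)
        if not match:
            continue
        name = normalize(match.group(1))
        op, version = match.group(2), match.group(3)
        if name not in AFFECTED:
            continue
        bad_versions = AFFECTED[name]
        if op == "==" and version in bad_versions:
            status = "AFFECTED"      # exact pin on a known malicious release
        elif op == "==" and bad_versions:
            status = "ok"            # pinned to a version outside the known-bad set
        elif op == "==":
            status = "VERIFY"        # package named in the campaign, no version list available
        else:
            status = "UNPINNED"      # resolver may select an affected release; check pip freeze
        findings.append({"line": lineno, "package": name, "spec": line, "status": status})
    return findings


# Constructed sample requirements.txt covering the cases the parser handles
SAMPLE_REQUIREMENTS = """
# constructed sample requirements.txt
numpy==1.26.4
pytorch-lightning==2.6.2
PyTorch_Lightning[extra]==2.6.3   # same package, differently spelled name
pytorch-lightning>=2.5
intercom-client==3.0.0
-r other.txt
"""

if __name__ == "__main__":
    for finding in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"line {finding['line']:>3}: {finding['status']:<9} {finding['spec']}")
```

Feeding the output of `pip freeze` through the same function covers the environment that is actually installed, which matters for unpinned specifiers: a requirements file that only says `pytorch-lightning>=2.5` tells you nothing about which release the resolver chose on a given machine.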
Conclusion
Supply chain attacks continue to evolve, with threat actors leveraging trusted packages like PyTorch Lightning and Intercom-client to steal credentials. The security community, including Aikido Security, OX Security, Socket, and StepSecurity, has responded swiftly to identify these threats. Developers must remain vigilant, adopt rigorous dependency management practices, and regularly update their security posture. For more details on protecting your software supply chain, refer to our mitigation steps above.