Securing Your Pipeline: A Guide to Detecting and Preventing Supply Chain Attacks Using PyTorch Lightning and Intercom-Client Case Studies

Overview

Software supply chain attacks have become one of the most insidious threats in modern development. In late April 2026, two malicious versions (2.6.2 and 2.6.3) of the widely used PyTorch Lightning package were published on PyPI, targeting credential theft. Simultaneously, the Intercom-client package was also compromised in a similar campaign. This tutorial analyzes these incidents and provides a concrete framework for defending your projects. By the end, you'll understand the attack mechanics, detection strategies, and preventive measures.

Prerequisites

Before diving in, you should have:

• Basic familiarity with Python package management (pip, requirements.txt)
• Access to a Linux/macOS terminal (Windows WSL works too)
• A test environment (virtualenv or Docker) for safe experimentation
• Optional: a PyPI account if you want to test package verification workflows

Step-by-Step Instructions

Understanding the Attack Mechanism

In both attacks, threat actors injected malicious code into legitimate open-source packages. The PyTorch Lightning compromise involved two versions that appeared legitimate but included a credential-stealing payload that exfiltrated environment variables, API keys, and database credentials. The Intercom-client attack followed a similar pattern—updated package with malicious code that activated during installation or import.

To understand the mechanics, consider the typical attack flow:

1. Compromise: Attacker gains maintainer access (e.g., via stolen credentials or social engineering).
2. Payload insertion: Malicious code is added to setup.py or a post-install script.
3. Publication: New version pushed to PyPI under the same package name.
4. Distribution: Users running pip install --upgrade automatically fetch the malicious version.
5. Execution: On import, the payload runs and sends credentials to a remote server.

Detecting a Compromised Package

You can detect suspicious behavior with these steps:

1. Monitor Package Hashes

Compare checksums between different sources. For example, check the hash of the downloaded wheel against official records:

pip download pytorch-lightning==2.6.2
sha256sum pytorch_lightning-2.6.2-py3-none-any.whl
# Compare with published hash on PyPI or GitHub releases

If the hash doesn't match a known good version (e.g., from a previous trusted release), flag it.

2. Audit Setup.py for Suspicious Code

Unpack the wheel and inspect setup.py:

unzip -l pytorch_lightning-2.6.2-py3-none-any.whl | grep setup
unzip pytorch_lightning-2.6.2-py3-none-any.whl -d /tmp/check
cat /tmp/check/setup.py | grep -E "(requests|urllib|subprocess|os.system)"

Look for external network calls in a build step—this is a red flag.

3. Check for Post-Install Scripts

Malicious packages often use post_install hooks. Examine the METADATA file:

unzip -p pytorch_lightning-2.6.2-py3-none-any.whl *.dist-info/METADATA | grep -i "post_install"

Preventive Measures

1. Pin Exact Versions

Avoid fuzzy requirements. In your requirements.txt, specify:

pytorch-lightning==2.6.1  # not 2.6.* or >=2.6

2. Use Hash Pinning with pip's Hash-Check Mode

Generate hashes and use --require-hashes:

pip freeze | grep pytorch-lightning > pinned.txt
cat pinned.txt
# Then create a requirements file with hashes:
pip hash pytorch_lightning-2.6.1-py3-none-any.whl >> pinned.txt
pip install --require-hashes -r pinned.txt

3. Enable Two-Factor Authentication on PyPI

If you maintain packages, protect your account. This prevents unauthorized publication. Go to PyPI account settings and enable 2FA.

4. Automate Security Scans

Integrate tools like pip-audit or safety into your CI/CD pipeline:

# .github/workflows/security.yml
- name: Check for vulnerabilities
  run: pip-audit --desc

Responding to a Supply Chain Attack

If you suspect a compromised package, take these steps:

1. Immediately pin all dependencies to known safe versions.
2. Rotate all credentials that may have been exposed (API keys, database passwords).
3. Audit recent deployments for anomalies—check logs for unexpected outbound connections.
4. Notify your team and consider a public advisory if you're a maintainer.
5. Report the malicious package to PyPI admins or security tools like Socket.

Common Mistakes

Mistake 1: Ignoring Package Integrity

Many developers trust PyPI implicitly without verifying hashes. Always check pip show for a package's source repository and cross-reference releases.

Mistake 2: Using Wildcard Dependencies

Specifying pytorch-lightning>=2.6 can auto-update to a malicious version. Always pin exact versions.

Mistake 3: Overlooking Post-Install Scripts

Even well-known packages can be compromised. Review any custom build steps carefully.

Mistake 4: Not Monitoring Package Updates

Subscribe to security advisories for your critical dependencies. Tools like Dependabot or Renovate can help.

Summary

Software supply chain attacks are evolving, as shown by the PyTorch Lightning (versions 2.6.2, 2.6.3) and Intercom-client incidents. By pinning versions, verifying hashes, auditing setup scripts, and automating security scans, you can significantly reduce risk. Always treat package updates with suspicion—verify before you trust.

For further reading, see our guide on Prerequisites or jump to Common Mistakes.