RSS
← All articles
threat
2026-03-27

TeamPCP compromises Telnyx Python SDK on PyPI - malware hidden inside sound files

Hackers compromised the Telnyx Python SDK on PyPI and hid malware inside .wav sound files - disguised as audio to bypass security scanners. Versions 4.87.1 and 4.87.2 were poisoned - just importing the package triggers the attack. It grabs SSH keys, cloud credentials, and can hijack Kubernetes clusters. The malicious versions were live for about 6 hours before PyPI quarantined them.

teampcptelnyxpypisupply-chainpython
Check
Audit your Python environments for the Telnyx package.
Affected
telnyx 4.87.1 and 4.87.2 on PyPI.
Fix
Downgrade to telnyx 4.87.0. Rotate all credentials on any system that ran the poisoned versions.
Related Articles
threatGemStuffer campaign turned RubyGems into a clandestine data drop - 150+ malicious gems hid scraped UK council portal pages inside Ruby packages
vulnerabilityOne unpatched Quest KACE box at a Boston MSP exposed 60+ named client organizations - law enforcement, schools, healthcare, and government on one MariaDB dump (CVE-2025-32975)
breachTelehealth aggregator OpenLoop Health confirms 716,000 patient records stolen in a 24-hour intrusion in January - downstream consumer brands still unnamed