Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

Backdoored Telnyx PyPI package pushes malware hidden in WAV audio

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file.

Popular LiteLLM PyPI Package Backdoored To Steal Credentials, Auth Tokens

joshuark shares a report from BleepingComputer: The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gateway to multiple large language model (LLM) providers via a single API. The package is very popular, with over 3.4 m…

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are

TeamPCP Compromises Telnyx: WAV Steganography, Windows Persistence, and the Credential Chain Continues

TeamPCP hid a credential stealer inside a WAV audio file — invisible to static analysis — and used tokens stolen from litellm three days earlier to publish it directly to PyPI, bypassing GitHub entirely. The post TeamPCP Compromises Telnyx: WAV Steganography, Windows Persistence, and the Credential Chain Continues appeared first on Phoenix Security.

TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware

TeamPCP continues is supply chain compromise rampage, with telnyx on PyPI being the latest maliciously modified package. What happened? Telnyx is a widely used software development kit (SDK) for the Telnyx AI Voice Agent service. According to Endor Labs researchers, attackers backdoored the legitimate SDK code and published versions 4.87.1 and 4.87.2 of the package on the Python Package Index (PyPI), one shortly after the other. The malicious co…

TeamPCP Supply Chain Series Part 3: Telnyx PyPI Compromise

TeamPCP's third PyPI attack in nine days targets the telnyx SDK, hiding live C2 payloads inside fake audio files. Full technical breakdown, IOCs, and remediation steps.