Telnyx package compromised on PyPI

2026-03-27

1 min read

by ramimac

Read Original

Get the latest tech trends every morning

Receive daily AI-curated summaries of engineering articles from top tech companies worldwide.

Endigest AI Core Summary

Two unauthorized versions of the Telnyx Python SDK (4.87.1, 4.87.2) were published to PyPI on March 27, 2026 as part of a broader supply chain attack campaign.

•Malicious versions were live from 03:51 UTC to 10:13 UTC before being quarantined and removed
•The attack used WAV steganography for payload delivery with a C2 server at 83.142.209.203:8080
•Affected users should downgrade to telnyx==4.87.0 and rotate all secrets including API keys, DB credentials, and cloud tokens
•This is part of a multi-week campaign also targeting Trivy (March 19) and LiteLLM (March 24)
•Telnyx platform, APIs, and infrastructure were not compromised; only the PyPI distribution channel was affected

This summary was automatically generated by AI based on the original article and may not be fully accurate.

Telnyx package compromised on PyPI

Get the latest tech trends every morning

Endigest AI Core Summary

Related Articles

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture