The telnyx packages on PyPI have been compromised
(lwn.net)
from cm0002@europe.pub to cybersecurity@infosec.pub on 27 Mar 20:50
https://europe.pub/post/10798306
from cm0002@europe.pub to cybersecurity@infosec.pub on 27 Mar 20:50
https://europe.pub/post/10798306
The SafeDep blog reports that compromised versions of the telnyx package have been found in the PyPI repository:
Two versions of telnyx (4.87.1 and 4.87.2) published to PyPI on March 27, 2026 contain malicious code injected into telnyx/_client.py. The telnyx package averages over 1 million downloads per month (~30,000/day), making this a high-impact supply chain compromise. The payload downloads a second-stage binary hidden inside WAV audio files from a remote server, then either drops a persistent executable on Windows or harvests credentials on Linux/macOS.
threaded - newest