Telnyx Package Compromised - TeamPCP Supply Chain Attack
Basically, a popular coding tool got hacked, putting many users at risk.
The Telnyx Python SDK was compromised in a supply chain attack. With 742,000 downloads, this breach puts many developers at risk. Immediate action is needed to secure affected environments.
The Threat
This morning, the official Telnyx Python SDK on PyPI was compromised as part of a supply chain attack by the threat actor group TeamPCP. Malicious versions 4.87.1 and 4.87.2 were uploaded to PyPI, executing silently upon import. With 742,000 downloads recently, this attack poses a significant risk to developers and organizations relying on this SDK.
The attack is part of a larger, escalating campaign that began on March 19, 2026. TeamPCP's method involves compromising trusted tools, stealing credentials, and using those to target additional victims. This pattern has created a chain reaction of breaches, with the Telnyx incident being the latest in a series of coordinated attacks.
Who's Behind It
TeamPCP has demonstrated a systematic approach to their attacks. They first compromised Aqua Security’s vulnerability scanner, Trivy, leading to the theft of CI/CD credentials. Using these stolen credentials, they then targeted other projects, deploying backdoors and malicious code across numerous platforms. Their tactics include using WAV steganography to conceal malware within seemingly innocent audio files, making detection difficult.
The timeline of their operations shows a clear escalation in their techniques, culminating in the Telnyx compromise. This structured approach not only highlights their capabilities but also raises alarms about the potential for further breaches in the coming weeks.
Tactics & Techniques
The malicious payload in the Telnyx package executes at import time, making it particularly insidious. On Windows, it downloads a file that contains an obfuscated executable, ensuring persistence by placing it in the Startup folder. On Linux and macOS, the attack uses a hardcoded script that fetches another payload, which is then executed to exfiltrate sensitive data.
This dual-path execution strategy allows TeamPCP to maximize their reach across different operating systems, significantly increasing the potential impact of their attack. The use of steganography to hide malicious code within audio files is a notable tactic that complicates detection efforts by security tools.
Defensive Measures
Organizations that have downloaded the compromised Telnyx versions must act immediately. The first step is to remove the malicious packages and revert to a safe version. It's crucial to treat any affected environments as compromised — this means rotating all credentials and tokens that may have been exposed.
Additionally, organizations should monitor network traffic for any connections to the attacker's command and control server and audit their CI/CD pipelines for signs of further compromise. The FBI has warned of an expected surge in breach disclosures and follow-on intrusions, making it essential for organizations using Python-based tools to enforce strict version control and security measures across their development environments.