jbz54m ago

🐍 Popular telnyx package compromised on PyPI by TeamPCP

「 The injection is in telnyx/_client.py, which runs at import time. No install hook to disable, no postinstall to block. Just import telnyx and the malware runs. 」

https://www.aikido.dev/blog/telnyx-pypi-compromised-teampcp-canisterworm

#telnyx #supplychain #pypi #infosec

Popular telnyx package compromised on PyPI by TeamPCP

The popular telnyx packageon PyPI, used by big AI companies, has been compromised by TeamPCP

Thomas Strömberg1h ago

With the #telnyx #supplychain attack, you might be wondering, would #litmus have caught it? Yes, it was flagged as suspicious, even before the samples hit PyPI.

See for yourself: https://lab.atomdrift.org/file/d7efd244cc294d94b848820df9278eac80390064d108151b877484ec3fe7b18e

Hacker News1h ago

The telnyx packages on PyPI have been compromised

https://lwn.net/Articles/1065059/

#HackerNews #telnyx #PyPI #compromise #security #cybersecurity #Python #packages

The telnyx packages on PyPI have been compromised

The SafeDep blog reports that compromised versions of the telnyx package have been found in the [...]

LWN.net
N-gated Hacker News2h ago
🚨 Breaking news: TeamPCP's daring #heist into Telnyx's PyPI packages is the digital equivalent of leaving banana peels in the server room! 🍌👾 Meanwhile, GitHub's "brilliant" suggestion is to sip some AI-flavored Kool-Aid and automate your way out of this Python pickle. 🤖🔧
https://github.com/team-telnyx/telnyx-python/issues/235 #BreakingNews #TeamPCP #Telnyx #PythonAutomation #AIKoolAid #HackerNews #ngated
[SECURITY] PyPI versions 4.87.1 and 4.87.2 are compromised — malicious code injected into _client.py · Issue #235 · team-telnyx/telnyx-python

Updates 2026-03-27 10:13 UTC Both malicious versions have been quarantined by PyPI. Full technical analysis with mitigations and IoCs: Endor Labs — TeamPCP Strikes Again: telnyx Compromised Three D...

GitHub
Hacker News2h ago

Telnyx v4.87.1 and v4.87.2 are compromised by TeamPCP

https://github.com/team-telnyx/telnyx-python/issues/235

#HackerNews #Telnyx #TeamPCP #Security #Vulnerability #Compromise

[SECURITY] PyPI versions 4.87.1 and 4.87.2 are compromised — malicious code injected into _client.py · Issue #235 · team-telnyx/telnyx-python

Updates 2026-03-27 10:13 UTC Both malicious versions have been quarantined by PyPI. Full technical analysis with mitigations and IoCs: Endor Labs — TeamPCP Strikes Again: telnyx Compromised Three D...

GitHub
Hacker News2h ago

Telnyx Python SDK: Supply Chain Security Notice

https://telnyx.com/resources/telnyx-python-sdk-supply-chain-security-notice-march-2026

#HackerNews #Telnyx #Python #SDK #Supply #Chain #Security #Notice #Cybersecurity #PythonSDK #SupplyChainSecurity #Telnyx

Telnyx Python SDK Security Notice: Malicious PyPI Versions Identified (March 2026)

Telnyx identified and removed malicious Python SDK versions (4.87.1 and 4.87.2) published to PyPI. The platform was not compromised. Learn who is affected and the steps to remediate securely.

Hacker News3h ago

PyPI package telnyx has been compromised in yet another supply chain attack

https://www.aikido.dev/blog/telnyx-pypi-compromised-teampcp-canisterworm

#HackerNews #PyPI #telnyx #supplychainattack #cybersecurity #open-source #securitybreach

Popular telnyx package compromised on PyPI by TeamPCP

The popular telnyx packageon PyPI, used by big AI companies, has been compromised by TeamPCP

Arazil3h ago

Today's security "Dear John" comes from VoIP provider Telnyx.

#telnyx #pypi #python #infosec #voip

Ossprey12h ago

A new .wav of #TeamPCP malware embedded in #telnyx versions 4.87.1 and 4.87.2 on #PyPI.

Full analysis is on our blog.

If telnyx is in your dependency tree, check your installed version now.

https://ossprey.com/blog/telnyx-pypi-malware-wav/

#SupplyChainSecurity #PyPI #OpenSource

OSSPREY

Richi JenningsFeb 7, 2025

Commissioner Brendan Carr (pictured) wants $4.5 million fine on #Telnyx, for enabling “illegal robocall scheme.”

Scammers called 1,800 victims pretending to be the “FCC fraud prevention team.” This seems to have been enough to awaken the sleeping government giant and kick it into action. It proposes to fine the VoIP company alleged to be responsible for enabling the scammers, Telnyx LLC.

But the #FCC only acted after scammers tried to scam its own staff. In #SBBlogwatch, we don’t know your customer. @TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/02/fcc-telnyx-robocall-fine-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc

FINALLY! FCC Gets Tough on Robocall Fraud

KYC isn’t a Thing, claims telco: Commissioner Brendan Carr (pictured) wants $4.5 million fine on Telnyx, for enabling “illegal robocall scheme.”

Security Boulevard