Compromised telnyx on PyPI: WAV Steganography and Credential Theft
Analysis of malicious telnyx 4.87.1 and 4.87.2 on PyPI — a package with over 1 million monthly downloads: injected code uses WAV audio steganography to deliver payloads that steal credentials and…
Read the full articleYou might also wanna read

Popular telnyx package compromised on PyPI by TeamPCP
The popular telnyx packageon PyPI, used by big AI companies, has been compromised by TeamPCP Category: Vulnerabilities & Threats
LiteLLM and Telnyx compromised on PyPI: Tracing the TeamPCP supply chain campaign
On March 24 and 27, 2026, malicious PyPI releases of LiteLLM and Telnyx were published as part of the TeamPCP supply chain campaign. We trac

lightning PyPI Compromise: A Bun-Based Credential Stealer in Python
A malicious release of the lightning PyPI package ships a credential-stealing Bun payload that runs on import. Snyk has a live advisory. Her

Snyk finds PyPi malware that steals Discord and Roblox credential and payment info
Learn about the newly discovered PyPi malware that attempts to steal credential and payment information from Discord and Roblox users.
Critical Security Alert: Malicious Credential-Stealing File Found in litellm 1.82.8 PyPI Package
[LITELLM TEAM] - For updates from the team, please see: #24518 [Security]: CRITICAL: Malicious litellm_init.pth in litellm 1.82.8 PyPI packa
Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users o

Comments
Sign in to join the conversation.
No comments yet. Be the first.