TeamPCP Campaign Compromises Telnyx PyPI Package

Hacker News

The PyPI telnyx package became the latest victim in TeamPCP's weeks-long supply chain attack campaign. Attackers uploaded malicious versions 4.87.1 and 4.87.2 at 03:51 UTC on March 27, exploiting credentials stolen from security tools. The package sees 742k monthly downloads, putting countless users at risk of compromise.

The malware executes at import time in telnyx/_client.py, with different attack paths for Windows and Linux/Mac systems. On Windows, it drops a persistent msbuild.exe in startup folders, while on Linux systems it fetches a second-stage Python script from a C2 server. This follows similar attacks on Trivy, Checkmarx, and LiteLLM packages.

WAV steganography hides the payload, making it difficult to detect. Malicious content is embedded in audio frames that pass MIME-type checks. The technique uses XOR decryption with an 8-byte key from the file. Organizations should immediately remove telnyx≥4.87.1 and rotate all credentials from compromised environments.
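
A defender-side check for the removal advice above, as an added example that is not part of the original article: it flags telnyx entries in pip-style requirements text and reads the installed version from package metadata without importing the package. The function names and the sample lines are constructed for illustration; the 4.87.1 threshold is the one stated above.

```python
import re
from importlib import metadata

FIRST_BAD = (4, 87, 1)  # page's advice: remove telnyx >= 4.87.1
REQ = re.compile(r"^\s*([A-Za-z0-9._-]+)\s*(?:\[[^\]]*\])?\s*([^;#]*)")

def norm(name):
    """PEP 503 name normalization, so 'Telnyx' and 'telnyx' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def is_affected(version):
    """True if the numeric release segment is >= 4.87.1."""
    m = re.match(r"\s*v?(\d+(?:\.\d+)*)", version)
    return bool(m) and tuple(map(int, m.group(1).split("."))) >= FIRST_BAD

def scan_requirements(text):
    """Return (line_no, verdict, specifier) for each telnyx entry of concern.
    Ranges and unpinned entries are 'review': they may have resolved to a bad release."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        m = REQ.match(line)
        if not m or norm(m.group(1)) != "telnyx":
            continue
        spec = m.group(2).strip().rstrip("\\").strip()
        pin = re.fullmatch(r"===?\s*([^\s,*]+)", spec)
        if pin is None:
            findings.append((lineno, "review", spec or "(unpinned)"))
        elif is_affected(pin.group(1)):
            findings.append((lineno, "affected", spec))
    return findings

def installed_status():
    """Read the installed version from dist-info metadata WITHOUT importing
    telnyx, so the import-time code in telnyx/_client.py never runs."""
    try:
        version = metadata.version("telnyx")
    except metadata.PackageNotFoundError:
        return None
    return version, is_affected(version)

# Constructed sample lines (as they might appear across several files).
SAMPLE = """\
requests==2.32.3
Telnyx==4.87.2 \\
telnyx>=4.0,<5   # range
telnyx==4.86.0
"""

if __name__ == "__main__":
    print(scan_requirements(SAMPLE), installed_status())
```

A "review" verdict means the lock file or the environment's actual resolved version still has to be checked, since the specifier alone does not say which release was installed.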