Supply Chain Compromise: Backdoored Telnyx PyPI SDK Delivers Malware via TeamPCP
What Happened – Attackers compromised the PyPI publishing credentials for the Telnyx Python SDK and released two malicious versions, 4.87.1 and 4.87.2. Each package carries a loader that, on Windows, drops an executable and, on Linux/macOS, runs an information stealer. The stealer exfiltrates SSH keys, cloud tokens, Docker and NPM credentials, database passwords, and Kubernetes service‑account tokens.
Why It Matters for TPRM –
- Third‑party SDKs can become a direct conduit for credential theft across development pipelines.
- Compromise of a single PyPI token enables attackers to weaponize any downstream project that imports the package.
- Stolen Kubernetes service‑account tokens can give the attacker control over affected clusters, amplifying the risk to cloud‑native environments.
Who Is Affected – SaaS developers, CI/CD platforms, cloud‑native workloads, and any organization that installs the Telnyx SDK, including the developer workstations and build runners that resolve it as a dependency. Organizations that publish their own packages to PyPI should assume that a publishing token present on an infected host can be reused to repeat the attack one level further downstream.
Recommended Actions – Audit every project, lock file, container image, and installed environment for telnyx 4.87.1 or 4.87.2; treat any host that installed either version as compromised and rotate every credential class the stealer targets (SSH keys, cloud API tokens, Docker/NPM credentials, database passwords, Kubernetes service‑account tokens); pin dependencies to known‑good versions and enforce hash‑verified installs (for example pip's --require-hashes) so that an unexpected artifact fails to install rather than silently replacing a trusted one; Telnyx itself should revoke and reissue the compromised PyPI tokens; and monitor egress for connections to the C2 IP address identified in the source report.
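The audit step above is easy to get wrong by hand: the package name is case‑insensitive on PyPI, a manifest may pin with `==` or `===`, and an unpinned or wildcard requirement can resolve to a backdoored release at the next install. The following scanner is an added example written for this advisory, not code from Telnyx or from the source report. It checks requirements‑style text (requirements.txt, constraints files, `pip freeze` output) for the two versions named above, flags unpinned and unhashed telnyx requirements as separate findings, and checks the current interpreter for an installed copy. The sample manifest, the clean version 4.86.0 used in it, and the `classify_line`/`scan_requirements`/`check_installed` names are constructed for illustration; the full PEP 508 grammar is not implemented.

```python
"""Scan Python dependency manifests for the backdoored telnyx releases (example code)."""
import re
from importlib import metadata
from typing import List, Optional, Tuple

# Versions named in the advisory. Any other version is treated as clean here,
# but an unpinned requirement could still resolve to one of these at install time.
MALICIOUS_VERSIONS = {"4.87.1", "4.87.2"}
TARGET = "telnyx"

# Minimal requirements-line grammar: name, optional extras, optional comma-separated
# specifiers. Constructed for this example; it does not cover all of PEP 508.
_OP = r"(?:===|==|~=|!=|<=|>=|<|>)"
_REQ = re.compile(
    r"^\s*(?P<name>[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?)"
    r"(?:\[[^\]]*\])?\s*"
    r"(?P<spec>" + _OP + r"\s*[^\s;#,]+(?:\s*,\s*" + _OP + r"\s*[^\s;#,]+)*)?"
)


def normalize(name: str) -> str:
    """PEP 503 normalisation so 'Telnyx', 'TELNYX' and 'telnyx' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def classify_line(line: str) -> Optional[str]:
    """Classify one requirements line; None means the line is not about telnyx.

    'malicious'  pinned (== or ===) to a version named in the advisory
    'unpinned'   no exact pin (or a wildcard pin), so a resolver may pick a bad version
    'unverified' pinned to another version but without --hash, so pip cannot check integrity
    'ok'         pinned to another version and carries a --hash
    """
    body = line.split("#", 1)[0].strip()
    if not body or body.startswith("-"):
        return None  # blank, comment-only, or an option line such as -r / --hash continuation
    m = _REQ.match(body)
    if not m or normalize(m.group("name")) != TARGET:
        return None
    spec = (m.group("spec") or "").replace(" ", "")
    pins = []
    for clause in spec.split(","):
        if clause.startswith("==="):
            pins.append(clause[3:])
        elif clause.startswith("=="):
            pins.append(clause[2:])
    if not pins or any("*" in p for p in pins):
        return "unpinned"
    if any(p in MALICIOUS_VERSIONS for p in pins):
        return "malicious"
    return "ok" if "--hash=" in body else "unverified"


def scan_requirements(text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, finding, stripped line) for every telnyx requirement in text."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        finding = classify_line(line)
        if finding:
            findings.append((n, finding, line.strip()))
    return findings


def check_installed(dist_name: str = TARGET) -> str:
    """Report whether the running interpreter's environment has the package installed."""
    try:
        version = metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return "not installed"
    return f"MALICIOUS {version}" if version in MALICIOUS_VERSIONS else f"installed {version}"


# Constructed sample manifest; 4.86.0 stands in for a version the advisory does not list.
SAMPLE_REQUIREMENTS = """\
# constructed sample for this example
requests==2.31.0 --hash=sha256:0000
Telnyx==4.87.1
telnyx[async] >= 4.80
telnyx==4.86.0
telnyx===4.87.2
"""

if __name__ == "__main__":
    for n, finding, line in scan_requirements(SAMPLE_REQUIREMENTS):
        print(f"line {n}: {finding:<10} {line}")
    print("current environment:", check_installed())
```

Run it against `pip freeze` output from each build agent and container image as well as against committed manifests, since a lock file that pins a clean version says nothing about what a cached wheel or a stale virtualenv actually contains. An `unverified` finding is not a compromise indicator, but it is the gap that lets a substituted artifact install silently; closing it with `--hash=` entries and `--require-hashes` is the hardening step the Recommended Actions call for.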
Technical Notes – Attack vector: compromised PyPI publishing credentials (third‑party dependency). Payload delivery: the loader is hidden in an encoded WAV audio frame inside the package; at runtime it fetches further code from a command‑and‑control server addressed by a bare IP rather than a domain, which is itself a useful egress‑monitoring signal. Affected data: SSH keys, cloud API tokens, Docker/NPM credentials, database passwords, Kubernetes service‑account tokens, cryptocurrency wallet files. Source: Help Net Security