thehackernews.com 3/27/2026, 5:45:31 PM · via preferred

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

CyberSIXT Evidence Panel Source marked as original reporting
Threat Actor
TeamPCP

TeamPCP, the threat actor behind prior supply chain intrusions, has compromised the telnyx Python package by pushing two malicious versions to PyPI. According to The Hacker News, the two versions, 4.87.1 and 4.87.2, were published on 27 March 2026 and hide credential-harvesting capabilities inside a WAV file, with the malware designed to extract data when telnyx_client.py is imported. Users are advised to downgrade to version 4.87.0, and the PyPI project is currently quarantined as investigations continue.

The attack chain combines audio steganography delivery, in-memory data harvesting, and encrypted exfiltration, and targets Windows, Linux, and macOS environments. Exfiltration is planned via a tpcp.tar[.]gz payload to a remote server. The campaign follows TeamPCP’s previous exploits against Trivy, KICS, and litellm, and is seen as part of a broader shift toward weaponising trusted open-source packages to widen impact.

Security researchers emphasise that the threat actor appears to exploit CI/CD and automation tools, with warnings that any pipeline tooling could become an entry point.
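Because the report says the payload runs when telnyx_client.py is imported, an exposure check should read package metadata and dependency files without importing telnyx. The following is an added example, not code from the article or from the telnyx project; it assumes requirements.txt-style lines with plain numeric versions, and the function names and sample input are hypothetical.

```python
import re
from importlib import metadata

PACKAGE = "telnyx"
BAD = {"4.87.1", "4.87.2"}   # malicious releases named in the report

def _v(s):
    return tuple(int(p) for p in s.split("."))

def _admits(clause, ver):
    """Does one specifier clause (e.g. '>=4.80') allow version `ver`?"""
    m = re.fullmatch(r"\s*(===|==|!=|~=|>=|<=|>|<)\s*(\d+(?:\.\d+)*)\s*", clause)
    if not m:
        return True          # unparsed clause (e.g. '==4.87.*'): flag for review
    op, want, have = m.group(1), _v(m.group(2)), _v(ver)
    if op == "~=":           # compatible release: >= want with the same prefix
        return have >= want and have[:len(want) - 1] == want[:-1]
    return {"==": have == want, "===": have == want, "!=": have != want,
            ">=": have >= want, "<=": have <= want,
            ">": have > want, "<": have < want}[op]

def scan_requirements(text):
    """Return (line_no, line, reason) for lines that pin or admit a bad release."""
    hits = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = re.split(r"\s--|[#;\\]", raw, maxsplit=1)[0].strip()
        m = re.match(r"([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*(.*)", line)
        if not m or re.sub(r"[-_.]+", "-", m.group(1)).lower() != PACKAGE:
            continue
        clauses = [c for c in m.group(2).split(",") if c.strip()]
        allowed = sorted(b for b in BAD if all(_admits(c, b) for c in clauses))
        if allowed:
            hits.append((n, raw.strip(), "allows " + ", ".join(allowed)))
    return hits

def installed_is_bad(dist=PACKAGE):
    """Check installed metadata only; the package itself is never imported."""
    try:
        return metadata.version(dist) in BAD
    except metadata.PackageNotFoundError:
        return False

# Constructed sample input, not taken from any real project.
SAMPLE = """requests==2.32.3
telnyx==4.87.1
Telnyx>=4.80,<5  # open range still resolves to a bad release
telnyx==4.87.0
telnyx>=4.80,!=4.87.1,!=4.87.2
"""

if __name__ == "__main__":
    print(scan_requirements(SAMPLE), installed_is_bad())
```

An unpinned or open-ended range is reported as well as an exact pin, since a resolver could have selected either bad release while it was available.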


Article by CyberSIXT