{"id":234190,"date":"2026-03-28T03:12:38","date_gmt":"2026-03-28T08:12:38","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2026\/03\/backdoored-telnyx-pypi-package-pushes-malware-hidden-in-wav-audio"},"modified":"2026-03-28T03:12:38","modified_gmt":"2026-03-28T08:12:38","slug":"backdoored-telnyx-pypi-package-pushes-malware-hidden-in-wav-audio","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2026\/03\/backdoored-telnyx-pypi-package-pushes-malware-hidden-in-wav-audio","title":{"rendered":"Backdoored Telnyx PyPI package pushes malware hidden in WAV audio"},"content":{"rendered":"

<\/a><\/p>\n

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file.<\/p>\n

The supply-chain attack was observed by application security firms Aikido<\/a>, Socket<\/a>, and Endor Labs<\/a>, and was attributed to TeamPCP based on the same exfiltration pattern and RSA key seen in previous incidents caused by the same actor.<\/p>\n

TeamPCP is responsible for multiple recent supply-chain (e.g., Aqua Security\u2019s Trivy vulnerability scanner<\/a>, the open-source Python library LiteLLM<\/a>) and wiper attacks<\/a> targeting Iranian systems.<\/p>\n","protected":false},"excerpt":{"rendered":"

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver credential-stealing malware hidden inside a WAV file. The supply-chain attack was observed by application security firms Aikido, Socket, and Endor Labs, and was attributed to TeamPCP based on the same exfiltration pattern and RSA key seen in previous [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34,1694],"tags":[],"class_list":["post-234190","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode","category-electronics"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234190","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=234190"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/234190\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=234190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=234190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=234190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}