The telnyx packages on PyPI have been compromised

by corbet from LWN.net on (#74HR9)
The SafeDep blog reports that compromised versions of the telnyx package have been found in the PyPI repository:

Two versions of telnyx (4.87.1 and 4.87.2) published to PyPI on March 27, 2026 contain malicious code injected into telnyx/_client.py. The telnyx package averages over 1 million downloads per month (~30,000/day), making this a high-impact supply chain compromise. The payload downloads a second-stage binary hidden inside WAV audio files from a remote server, then either drops a persistent executable on Windows or harvests credentials on Linux/macOS.
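A triage check for the two versions named in the report, as an added example (not code from SafeDep, LWN or the telnyx project). It scans pinned requirements or `pip freeze` output and the packages installed in the current environment; the function names and the sample requirements text are constructed for illustration.

```python
import re
from importlib import metadata

# The two releases named in the report quoted above.
COMPROMISED = {"telnyx": {"4.87.1", "4.87.2"}}

# Matches "name[extras] == version" pins as written in requirements
# files and `pip freeze` output; markers and --hash options are ignored.
PIN_RE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*===?\s*([A-Za-z0-9.!+_-]+)"
)

def normalize(name):
    """PEP 503 name normalization, so 'Telnyx' and 'telnyx' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_requirements(text):
    """Return (line_number, name, version) for every pin of an affected release."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = PIN_RE.match(line.split("#", 1)[0])  # drop comments first
        if not match:
            continue
        name, version = normalize(match.group(1)), match.group(2)
        if version in COMPROMISED.get(name, ()):
            hits.append((lineno, name, version))
    return hits

def scan_installed():
    """Return (name, version) for affected releases installed in this environment."""
    hits = []
    for dist in metadata.distributions():
        meta = dist.metadata
        name = meta.get("Name") if meta else None
        version = meta.get("Version") if meta else None
        if name and version in COMPROMISED.get(normalize(name), ()):
            hits.append((normalize(name), version))
    return hits

# Constructed sample input, not taken from any real project.
SAMPLE = """\
requests==2.32.3
telnyx==4.87.1 --hash=sha256:<placeholder>
telnyx==4.87.0
# telnyx==4.87.2 (commented out, ignored)
Telnyx == 4.87.2 ; python_version >= "3.9"
telnyx==4.87.10
"""

if __name__ == "__main__":
    print("pinned:", scan_requirements(SAMPLE))
    print("installed:", scan_installed())
```

Unpinned ranges such as `telnyx>=4.0` are not flagged by the file scan because they name no exact version, so run the installed-package check in each environment that could have resolved them.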