TeamPCP Hackers Compromise Official Telnyx Python Package in Supply Chain Attack

Cybercriminals infiltrate Telnyx Python package on PyPI, injecting malware to steal SSH keys. Audit systems and rotate credentials now!

By Content Team

Mar 28, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Cybercriminals from TeamPCP have escalated their attacks by compromising the legitimate Telnyx Python package on PyPI, affecting versions 4.87.1 and 4.87.2. The attackers gained access by stealing a maintainer's credentials, then injected malware that steals SSH private keys and bash history files from developers' systems.

Unlike typical typosquatting attacks, this breach targeted an official, trusted package used by the Telnyx cloud communications platform. The malicious code executes automatically during installation, making it particularly dangerous for developers and automated systems.

Socket and Endor Labs researchers discovered the attack on March 27, noting that TeamPCP has recently partnered with Vect ransomware group. Organizations should immediately audit their systems and rotate any exposed credentials.

Source: Infosecurity Magazine

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Carnival Cruise Hit by Data Breach Exposing Customer and Employee Information

Mar 19, 2026

Hackers Exploit Critical Langflow Bug in Just 20 Hours

Mar 20, 2026

Massive GitHub Campaign Spreads Trojan Through 300+ Fake AI Tool Packages

Mar 25, 2026

Microsoft Blocks Windows 11 Automated Installation After Critical Security Flaw

Mar 16, 2026