"TeamPCP has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on developers' systems."
"The Telnyx malware's main difference from the LiteLLM package is how it's installed: instead of embedding malicious code directly in the file, the Telnyx package downloads its malware in the form of a .wav file that's decoded and executed on the target machine."
"Telnyx recommends treating the host as compromised and rotating any exposed credentials if you're running versions 4.87.1 or 4.87.2 of the Python package."
TeamPCP has targeted Telnyx by pushing malicious versions of its Python SDK to PyPI, aiming to install credential-stealing malware on developers' systems. The malware, similar to that used in the LiteLLM attack, is delivered as a .wav file that is decoded and executed. Telnyx confirmed the issue was resolved and stated that only the Python package was affected. Developers using versions 4.87.1 or 4.87.2 should consider their environments compromised and rotate any exposed credentials, as the package sees over 34,000 downloads weekly.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]