{"id":7591,"date":"2026-03-27T18:11:41","date_gmt":"2026-03-27T18:11:41","guid":{"rendered":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/"},"modified":"2026-03-27T18:11:41","modified_gmt":"2026-03-27T18:11:41","slug":"teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files","status":"publish","type":"post","link":"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","title":{"rendered":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files"},"content":{"rendered":"<p>\u200bTeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.<br \/>\nThe two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are\u00a0TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.<br \/>\nThe two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are\u00a0\u00a0The Hacker News<\/p>","protected":false},"excerpt":{"rendered":"<p>\u200bTeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a&hellip;&nbsp;<a href=\"https:\/\/news.cybertechworld.co.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\" class=\"\" rel=\"bookmark\">Read More &raquo;<span class=\"screen-reader-text\">TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files<\/span><\/a><\/p>\n","protected":false},"author":0,"featured_media":7592,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7591"}],"collection":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/comments?post=7591"}],"version-history":[{"count":0,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/posts\/7591\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media\/7592"}],"wp:attachment":[{"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/media?parent=7591"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/categories?post=7591"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news.cybertechworld.co.in\/index.php\/wp-json\/wp\/v2\/tags?post=7591"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}