XDA Developers on MSN

A popular Python library just became a backdoor to your entire machine

Supply chain attacks feel like they're becoming more and more common.
The Hacker News

TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files

Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
Infosecurity Magazine

TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack

Socket and Endor Labs discovered a new TeamPCP campaign leading to the delivery of credential-stealing malware ...

Major compromise of the telnyx PyPI library could put millions of users at risk

TeamPCP strikes again, with almost identical code to LiteLLM.