3
Search
TelnyxのPython SDKがPyPIでサプライチェーン攻撃を受けた。悪意あるバージョン4.87.1/4.87.2が約6時間公開されていた。WAVステガノグラフィでペイロード配信とか手口が凝ってる。Trivy、LiteLLMに続く連続攻撃の一環らしい。
telnyx.com/resources/teln…
#セキュリティ #Python #PyPI #サプライチェーン攻撃
Voice AI Agents with Carrier-Grade Voice Quality
From AI model to human ear, Telnyx powers every step with low-latency voice.
From telnyx.com 3
51
15
🚨 Supply chain alert! TeamPCP is pushing malicious Telnyx versions to PyPI, with a stealer cleverly hidden inside WAV files. This is a novel attack on the software supply chain. #Cybersecurity #PyPIthehackernews.com/2026/03/teampc…8
TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files
Malicious telnyx 4.87.1/4.87.2 on PyPI used audio steganography March 27, 2026, enabling cross-platform credential theft.
From thehackernews.com 37
The #TeamPCP campaign continues. The telnyx #PyPI package (versions 4.87.1 & 4.87.2) with ~1M monthly downloads was compromised.
What's new this time:
WAV steganography. The payload hides an XOR-obfuscated binary inside audio frames, downloads it from C2 at import time, and persuild.exe in Startup. Linux/macOS gets a credential harvester with AES-256 + RSA encryption.
The attackers even pushed a bugfix release (4.87.2) within hours of 4.87.1 failing due to a casing error. Operational iteration, live.
A good reminder of why writing detections around behavioral patterns rather than point-in-time indicators matters. Generic rules from years back still hold against new techniques.
Rune AI, our internal LLM analysis layer, surfaces the same verdict for efficient triage.
IOCs & analysis:
socket.dev/blog/telnyx-py…
aikido.dev/blog/telnyx-py…
2
39
98
9.4K
The LiteLLM Supply Chain Attack: How a Security Scanner Became a Backdoor
techlife.blog/posts/litellm-…
#LiteLLM #SupplyChainAttack #PyPI #Security #Malware #Python #TeamPCP #AISecurity
The LiteLLM Supply Chain Attack: How a Security Scanner Became a Backdoor
On March 24, 2026, versions 1.82.7 and 1.82.8 of LiteLLM — with ~97 million monthly downloads — were found to contain a credential-stealing backdoor. Here's what happened, how it worked, and what you...
From techlife.blog 23
تعرضت حزمة Telnyx الشهيرة على مستودع PyPI لعملية اختراق معقدة من قبل مجموعة TeamPCP، حيث تم تسميم المكتبة البرمجية بإصدارات خبيثة (4.87.1 و4.87.2).
📌 للتفاصيل الكاملة:
�instagram.com/p/DWYp455CCkB/…dZ
#pypi #databreach #malwarga
1
1
4
60
Another supply chain attack hits home: LiteLLM was compromised by TeamPCP. Learn how a stolen token led to a massive infostealer deployment and what it means for your software.
thepixelspulse.com/posts/litellm-…
#litellm #teampcp #pypi
54
Our post includes timeline, technical analysis, IOCs, and concrete actions for defenders.
Read:
xygeni.io/blog/litellm-s…
#SupplyChainSecurity #AppSec #PyPI #ThreatIntel #DevSecOps
LiteLLM Supply Chain Attack: How TeamPCP Backdoored AI Infrastructure
Explore the security breach of LiteLLM, affecting millions of users with multi-stage payloads and devastating consequences.
From xygeni.io 39
New analysis: the ##LiteLLM compromise was not an isolated #PyPI incident. It was part of a broader multi-step supply chain campaign.
xygeni.io/blog/litellm-s…
#AppSec #DevSecOps
LiteLLM Supply Chain Attack: How TeamPCP Backdoored AI Infrastructure
Explore the security breach of LiteLLM, affecting millions of users with multi-stage payloads and devastating consequences.
From xygeni.io 1
50
LiteLLM Python library was poisoned via PyPI on March 24 — check if you have version 1.82.8 installed and rotate all credentials immediately
#LiteLLM #Python #PyPI
open.substack.com/pub/pythonlibr…
27
Compromised LiteLLM releases on PyPI turned an AI model proxy into a credential harvester. Centralizing API access concentrates secrets, so one poisoned dependency opens every system it touches. Trust is a supply chain property. #LiteLLM #PyPI
linkly.link/2eRqV
30
A new supply chain attack has compromised #LiteLLM on #PyPI with credential-stealing #malware in a library with 95 million monthly downloads.
hubs.ly/Q048gWDn0
#apisecurity #supplychain #python
New supply chain attack hits LiteLLM with 95M monthly downloads
A new supply chain attack has compromised LiteLLM on PyPI with credential-stealing malware in a library with 95 million monthly downloads.
From cyberinsider.com 44
Truth
•A malicious version of litellm briefly appeared on #PyPI
A compromised release (reported as 1.82.8) was uploaded and then quickly removed. It behaved like a supply chain attack
The package attempted to execute code during install/runtime that could access local env data
1
15
51
Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer
two malicious versions released (1.82.7 and 1.82.8)
#litellm #pypi
sonatype.com/blog/compromis…
Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer
Compromised litellm PyPI versions delivered a multi-stage credential stealer, exposing AI pipelines and cloud secrets in a targeted supply chain attack.
From sonatype.com 20
The latest LiteLLM hack by TeamPCP in a nutshell...
ox.security/blog/litellm-m…
#malware #litellm #pypi #supplychain #teampcp
1
72
🚨 Urgent alert for developers! The popular LiteLLM PyPI package has been backdoored in a TeamPCP supply chain attack, designed to steal your credentials and auth tokens. Secure your environments immediately. #PyPI #SecurityAlertbleepingcomputer.com/news/security/…B
Popular LiteLLM PyPI package backdoored to steal credentials, auth tokens
The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular "LiteLLM" Python package on PyPI and claiming to have stolen data from hundreds of thousands of...
From bleepingcomputer.com 24
Warnung: LiteLLM‑Pakete 1.82.7/1.82.8 auf PyPI enthielten Malware, die SSH‑Keys, API‑Tokens und Kubernetes‑Konfigurationen exfiltriert. Prüfe Systeme und rotiere Keys jetzt. #kinewsdaily #cybersecurity #pypi 🔒
15
21