{"id":11772,"date":"2026-04-01T10:06:25","date_gmt":"2026-04-01T10:06:25","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/04\/01\/hackers-backdoor-telnyx-python-sdk-on-pypi-to-steal-credentials-across-windows-macos-and-linux\/"},"modified":"2026-04-01T10:06:25","modified_gmt":"2026-04-01T10:06:25","slug":"hackers-backdoor-telnyx-python-sdk-on-pypi-to-steal-credentials-across-windows-macos-and-linux","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/04\/01\/hackers-backdoor-telnyx-python-sdk-on-pypi-to-steal-credentials-across-windows-macos-and-linux\/","title":{"rendered":"Hackers Backdoor Telnyx Python SDK on PyPI to Steal Credentials Across Windows, macOS, and Linux"},"content":{"rendered":"<div>\n<p>A threat actor group known as TeamPCP has been caught backdooring the Telnyx Python SDK on PyPI \u2014 a popular cloud communications library with over 700,000 downloads in February alone. <\/p>\n<p>On March 27, 2026, two malicious versions of the package, 4.87.1 and 4.87.2, were quietly published to the Python Package Index without any matching commits in the official GitHub repository. 
<\/p>\n<p>The tainted packages were built to steal credentials from developer systems running Windows, macOS, and Linux, making it one of the broadest supply chain attacks targeting open-source developers this year.<\/p>\n<p>This strike came just three days after TeamPCP compromised the 
LiteLLM <a href=\"https:\/\/cybersecuritynews.com\/proxyjacking-campaign-attack-ssh-servers\/\" id=\"24092\" target=\"_blank\" rel=\"noreferrer noopener\">AI proxy<\/a> package, signaling a fast-moving and escalating campaign. <\/p>\n<p>The group appears to be systematically targeting trusted open-source libraries used in AI and developer tooling environments. <\/p>\n<p>Two compromises of established packages in three days show that TeamPCP has a ready toolkit and a reliable route for slipping malicious code into genuine releases of trusted packages, not merely typosquats, without triggering immediate detection.<\/p>\n<p><a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/26\/c\/teampcp-telnyx-attack-marks-a-shift-in-tactics.html\" id=\"https:\/\/www.trendmicro.com\/en_us\/research\/26\/c\/teampcp-telnyx-attack-marks-a-shift-in-tactics.html\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Trend Micro analysts identified and documented the Telnyx attack<\/a>, noting that both compromised versions were quarantined by PyPI at 10:13 UTC \u2014 roughly 6.5 hours after first appearing on the platform. Any install or build that resolved to the latest version inside that window pulled a backdoored release. <\/p>\n<p>According to the researchers, malicious code was injected directly into the\u00a0<code>telnyx\/_client.py<\/code>\u00a0file, with all execution paths triggered at module scope. <\/p>\n<p>This means that simply running\u00a0<code>import telnyx<\/code>\u00a0in a <a href=\"https:\/\/cybersecuritynews.com\/python-package-sliver-c2-png\/\" id=\"64443\" target=\"_blank\" rel=\"noreferrer noopener\">Python project<\/a> was enough to activate the payload: no API call, no configuration and no further action from the developer was required, so a test run, a linter that imports the package, or a CI job that builds against it would all have triggered it.<\/p>\n<p>The impact of this attack is significant. Any developer or organization that installed either of the affected versions should treat their systems as fully compromised. 
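<\/p>\n<p>Because every execution path in the injected stub ran at module scope, the quickest check an incident responder or a CI gate can apply is a static one: parse each installed module and flag risky calls (decode, download, spawn, exec) that run at import time rather than inside a function body. The scanner below is an added example written for this page; it is not code from Trend Micro, Telnyx or TeamPCP. The two sources it scans are constructed stand-ins whose shape follows the write-up (a Base64-decode wrapper, a download, a spawned process and an <code>exec<\/code>, all at module scope), and the call list in <code>RISKY_CALLS<\/code> is an assumed starting set, not a published signature.<\/p>

```python
import ast
from pathlib import Path

# Constructed stand-in for an injected stub (NOT the real telnyx/_client.py).
# Shape only: a Base64-decode wrapper, then a download, a spawned process and
# an exec, all executed at module scope the moment the module is imported.
SUSPECT_SOURCE = '''
import base64, os, subprocess, urllib.request

def _d(s):
    return base64.b64decode(s).decode()

class Client:
    def __init__(self, api_key):
        self.api_key = api_key

_blob = urllib.request.urlopen(_d('aHR0cDovLzEyNy4wLjAuMQ==')).read()
if os.name != 'nt':
    subprocess.Popen(['sh', '-c', 'true'])
exec(_d('cHJpbnQoMSk='))
'''

# Constructed benign module: the same calls are acceptable inside a function.
CLEAN_SOURCE = '''
import os, base64

class Client:
    def __init__(self, api_key):
        self.api_key = api_key

    def token(self):
        return base64.b64decode(os.environ.get('TOKEN', ''))
'''

# Assumed starting set: callables a library has no reason to invoke at import time.
RISKY_CALLS = {
    'exec', 'eval', 'compile', '__import__',
    'base64.b64decode', 'subprocess.Popen', 'subprocess.run', 'subprocess.call',
    'os.system', 'os.popen', 'urllib.request.urlopen', 'requests.get',
}


def _dotted_name(node):
    '''Return a.b.c for a Name/Attribute chain, or None for anything else.'''
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
        return '.'.join(reversed(parts))
    return None


def _module_scope_nodes(nodes):
    '''Yield every node that runs at import time.

    Function and lambda bodies are skipped (they run only when called);
    class bodies are walked because they execute when the class is defined.
    '''
    for node in nodes:
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.Lambda)):
            continue
        yield node
        yield from _module_scope_nodes(ast.iter_child_nodes(node))


def module_scope_risky_calls(source, filename='<module>'):
    '''Return (lineno, dotted_name) for each risky call executed at module scope.'''
    tree = ast.parse(source, filename=filename)
    return [
        (node.lineno, _dotted_name(node.func))
        for node in _module_scope_nodes(tree.body)
        if isinstance(node, ast.Call) and _dotted_name(node.func) in RISKY_CALLS
    ]


def scan_tree(root):
    '''Scan every .py file under root (for example an installed telnyx/ directory).'''
    findings = {}
    for path in Path(root).rglob('*.py'):
        try:
            text = path.read_text(encoding='utf-8', errors='replace')
            hits = module_scope_risky_calls(text, str(path))
        except SyntaxError:
            continue
        if hits:
            findings[str(path)] = hits
    return findings


if __name__ == '__main__':
    print(module_scope_risky_calls(SUSPECT_SOURCE))  # [(11, 'urllib.request.urlopen'), (13, 'subprocess.Popen'), (14, 'exec')]
    print(module_scope_risky_calls(CLEAN_SOURCE))    # []
```

<p>Run <code>scan_tree<\/code> over the installed package directory after every dependency update. It is a triage aid, not proof of cleanliness: code that assembles the dangerous call dynamically (for example through <code>getattr<\/code>) will not match the dotted names, so the definitive check remains diffing the sdist or wheel against the tagged source in the project repository, since the absence of matching commits was the first tell here.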
<\/p>\n<p>The payload was designed to steal credentials and send them silently to an attacker-controlled server using an encryption chain that includes AES-256-CBC and RSA-4096. A hybrid scheme of that shape means the exfiltration traffic cannot be decrypted from a network capture without the attacker\u2019s RSA private key, so defenders cannot rely on packet captures to scope what was taken. <\/p>\n<p>The attack also reached across all three major operating systems, with Windows users facing the additional risk of a persistence mechanism (an executable dropped into the Startup folder, described below) that relaunched the malware at every logon.<\/p>\n<p>PyPI has since quarantined the malicious versions, and the last confirmed clean release is version 4.87.0. Users who installed the affected packages are strongly advised to downgrade immediately and treat any exposed systems as potentially compromised. Downgrading removes only the tainted package; it does not undo anything the payload already did, so affected hosts should be examined or rebuilt rather than simply reverted. <\/p>\n<p>Additionally, credential rotation is strongly recommended for any accounts accessible from affected machines, starting with the Telnyx API keys the SDK itself was configured with.<\/p>\n<h2 class=\"wp-block-heading\" id=\"wav-steganography-malware-hidden-inside-audio-file\"><strong>WAV Steganography: Malware Hidden Inside Audio Files<\/strong><\/h2>\n<p>The most notable technical shift in this attack is how TeamPCP concealed the credential-stealing payload inside WAV audio files. <\/p>\n<p>Unlike the earlier LiteLLM attack, where the harvester was embedded directly in the source code as a Base64 blob, the Telnyx variant downloaded the malware at runtime from a command-and-control (C&amp;C) server at\u00a0<code>83[.]142[.]209[.]203:8080<\/code>. <\/p>\n<p>The payload was hidden inside structurally valid WAV files that pass standard MIME-type checks, bypass file <a href=\"https:\/\/cybersecuritynews.com\/malicious-chrome-extension-steals-wallet-login-credentials\/\" id=\"139448\" target=\"_blank\" rel=\"noreferrer noopener\">extension filters<\/a>, and leave no harvester logic visible in the package source code.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhfcC7LOdZTeFMXAr3fYehbmZ0aDwQj-tEGR48XRp-0ei6rS8lMIsvwBqCGxF1FXTDueBbZV7U7nd1aokI-EfFGRTHqREW8r2KxACpN-mGYoD1DuNMjsBzt9dXy1BJfM6Nln6mTbvCpaLImFbv-tithZZbHbVWigxo6FN0XpbQU-6EHjhHTDrEJidwxd3Y\/s16000\/The%2520decoded%2520Base64%2520payload%2520for%2520Linux%2520downloading%2520the%2520WAV%2520file%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\" alt=\"The decoded Base64 payload for Linux downloading the WAV file (Source - Trend Micro)\"><figcaption class=\"wp-element-caption\">The decoded Base64 payload for Linux downloading the WAV file (Source \u2013 Trend Micro)<\/figcaption><\/figure>\n<\/div>\n<p>The 
decoded Base64 payload for Linux downloads the WAV file, decodes it, and executes the resulting payload. <\/p>\n<p>The extraction process worked by reading the raw audio frames using Python\u2019s\u00a0<code>wave<\/code>\u00a0module, then Base64-decoding the data and splitting it: the first 8 bytes acted as an XOR key, while the remaining bytes formed the encrypted payload. <\/p>\n<p>Each byte was XORed against this rotating key to recover the cleartext harvester. An 8-byte repeating XOR is obfuscation rather than encryption, so anyone holding the WAV can recover the payload; its purpose is to keep the harvester out of the package entirely. Static analysis of the published files therefore sees only a downloader and a small decode-and-execute stub, never the credential-stealing logic, and signature scanning of the artifact has nothing to match.<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEg2N5DWf4CgCu6oj3lLLIpVuoVOuf7i0nr2wP-diTZVhfh_WQeSwfrcEPrhfuR_2C9RvzV834pDguMXiRee8si4c1Z4sVOs5M6WvHe8d3EeMGrXuu_PBvZLGPaui0At25IGJngwvHWodEv6Dx-_MyJHazPDFxKIFO9Il3XIcVL1EHAdE1kglGaxwQuPMJg\/s16000\/Base64%2520decode%2520wrapper%2520function%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\" alt=\"Base64 decode wrapper function (Source - Trend Micro)\"><figcaption class=\"wp-element-caption\">Base64 decode wrapper function (Source \u2013 Trend Micro)<\/figcaption><\/figure>\n<\/div>\n<p>The malicious code was also split across three separate locations in\u00a0<code>_client.py<\/code>, making it far harder to catch through a quick visual scan. 
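<\/p>\n<p>The extraction chain described above (audio frames read with <code>wave<\/code>, Base64-decoded, first 8 bytes used as a rotating XOR key for the rest), as an added example that is not Trend Micro\u2019s, Telnyx\u2019s or the attacker\u2019s code. It builds its own constructed carrier WAV with that layout so the decoder can be exercised offline, and adds a triage heuristic a responder can run over downloaded WAVs. The payload bytes are a harmless stand-in, and the 8-byte key length and frame layout are taken from the description, so a real sample that deviates from it needs the offsets adjusted.<\/p>

```python
import base64
import io
import os
import wave

# Constructed stand-in for the harvester; the real one is not reproduced here.
SAMPLE_PAYLOAD = b'echo demo-harvester; env | grep -i key'


def xor_rotating(data, key):
    '''XOR every byte against key[i mod len(key)]; symmetric, so it hides and recovers alike.'''
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))


def build_carrier_wav(payload, key=None):
    '''Make a structurally valid WAV whose PCM frames are Base64(key || XOR(payload, key)).

    The layout (8-byte key prefix, rotating XOR, Base64 text stored as audio frames)
    follows the write-up; the carrier itself is constructed here for the example.
    '''
    key = key or os.urandom(8)
    if len(key) != 8:
        raise ValueError('key must be exactly 8 bytes to match the described layout')
    body = base64.b64encode(key + xor_rotating(payload, key))
    buf = io.BytesIO()
    with wave.open(buf, 'wb') as w:
        w.setnchannels(1)
        w.setsampwidth(1)      # 8-bit mono: one frame is one byte, so frames are the Base64 text verbatim
        w.setframerate(8000)
        w.writeframes(body)
    return buf.getvalue()


def build_plain_wav():
    '''A constructed ordinary recording (a sawtooth ramp): valid audio, but not Base64.'''
    buf = io.BytesIO()
    with wave.open(buf, 'wb') as w:
        w.setnchannels(1)
        w.setsampwidth(1)
        w.setframerate(8000)
        w.writeframes(bytes(range(256)) * 4)
    return buf.getvalue()


def _frames(wav_bytes):
    '''Raw PCM frames, exactly as the stub read them with the wave module.'''
    with wave.open(io.BytesIO(wav_bytes), 'rb') as w:
        return w.readframes(w.getnframes())


def extract_from_wav(wav_bytes):
    '''Recover the hidden payload: frames -> Base64-decode -> split key/ciphertext -> XOR.'''
    raw = base64.b64decode(_frames(wav_bytes), validate=True)
    key, cipher = raw[:8], raw[8:]
    if len(key) != 8:
        raise ValueError('audio frames too short to carry an 8-byte key')
    return xor_rotating(cipher, key)


def looks_like_carrier(wav_bytes):
    '''Triage heuristic: genuine audio is never valid Base64 from first frame to last.'''
    try:
        frames = _frames(wav_bytes)
        base64.b64decode(frames, validate=True)
    except Exception:
        return False
    return len(frames) >= 12   # 8-byte key plus at least one payload byte, Base64-encoded


if __name__ == '__main__':
    carrier = build_carrier_wav(SAMPLE_PAYLOAD)
    print(looks_like_carrier(carrier), looks_like_carrier(build_plain_wav()))  # True False
    print(extract_from_wav(carrier) == SAMPLE_PAYLOAD)  # True
```

<p>Point <code>extract_from_wav<\/code> at a WAV pulled from a proxy cache or endpoint quarantine to get the second-stage script for analysis without ever running it. The <code>looks_like_carrier<\/code> check is deliberately crude: a file that passes MIME and extension filters but whose every sample byte falls inside the Base64 alphabet is not a recording, and that property survives even if the attacker changes the key length or the XOR scheme.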
<\/p>\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjsYGG4zFxX6RC456CrMHd6RmJRIUYYfSyCD8mC5Xd0JyHqwpovjfLTFnKuFJPipeJBaTY5GXTjZTphV07DNJsMJ9WTdgXiz8KjcVnqlVBKeVNkAwa-BW1m4pqWq7nEX_K1gHOmqOrCpZlY3K0ZwcXpnqSeJHPtPk5EJHmyC_vG6WdtLAEMSP31UOLdAoY\/s16000\/Linux%2520orchestrator%2520and%2520harvester%2520%28Source%2520-%2520Trend%2520Micro%29.webp?ssl=1\" alt=\"Linux orchestrator and harvester (Source - Trend Micro)\"><figcaption class=\"wp-element-caption\">Linux orchestrator and harvester (Source \u2013 Trend Micro)<\/figcaption><\/figure>\n<\/div>\n<p>On Windows, the payload installed an executable named\u00a0<code>msbuild.exe<\/code>, borrowing the name of Microsoft\u2019s legitimate build tool, into the user\u2019s Startup folder so that it ran again at every logon. The genuine MSBuild lives under Program Files (Visual Studio or Build Tools) or inside a .NET SDK install and has no business in a Startup folder, which makes this a clean indicator. <\/p>\n<p>Organizations should look for unexpected WAV file downloads from non-media <a href=\"https:\/\/cybersecuritynews.com\/911-s5-botnet-dismantled\/\" id=\"66150\" target=\"_blank\" rel=\"noreferrer noopener\">IP addresses<\/a> over port 8080, outbound HTTP requests carrying the\u00a0<code>X-Filename: tpcp.tar.gz<\/code>\u00a0header, and any\u00a0<code>msbuild.exe<\/code>\u00a0files appearing in user Startup directories. 
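<\/p>\n<p>The three indicators above, turned into detection logic as an added example (not Trend Micro\u2019s rules or any vendor\u2019s content): one function triages outbound HTTP records for WAV downloads over port 8080 from hosts outside a media allowlist and for the <code>X-Filename: tpcp.tar.gz<\/code> header, and a second flags <code>msbuild.exe<\/code> sitting in a Startup folder. The egress records, file paths and the allowlist network are all constructed for the example.<\/p>

```python
import ipaddress
from pathlib import PureWindowsPath

# Constructed egress records (not real telemetry), one dict per outbound HTTP request.
SAMPLE_EGRESS = [
    {'dst': '203.0.113.10', 'port': 443, 'method': 'GET', 'uri': '/v2/messages',
     'content_type': 'application/json', 'headers': {}},
    {'dst': '198.51.100.7', 'port': 8080, 'method': 'GET', 'uri': '/assets/track01.wav',
     'content_type': 'audio/wav', 'headers': {}},
    {'dst': '198.51.100.7', 'port': 8080, 'method': 'POST', 'uri': '/upload',
     'content_type': 'application/octet-stream', 'headers': {'X-Filename': 'tpcp.tar.gz'}},
    {'dst': '192.0.2.5', 'port': 443, 'method': 'GET', 'uri': '/media/ring.wav',
     'content_type': 'audio/wav', 'headers': {}},
]

# Constructed paths as a host inventory tool might report them (Windows accepts forward slashes).
SAMPLE_PATHS = [
    'C:/Users/dev/AppData/Roaming/Microsoft/Windows/Start Menu/Programs/Startup/msbuild.exe',
    'C:/Program Files/Microsoft Visual Studio/2022/Community/MSBuild/Current/Bin/MSBuild.exe',
    'C:/ProgramData/Microsoft/Windows/Start Menu/Programs/Startup/notes.lnk',
]

# Assumed allowlist of networks the organisation legitimately fetches media from.
MEDIA_ALLOWLIST = [ipaddress.ip_network('192.0.2.0/24')]
WAV_TYPES = {'audio/wav', 'audio/x-wav', 'audio/wave', 'audio/vnd.wave'}


def _allowlisted(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in MEDIA_ALLOWLIST)


def _is_wav(rec):
    '''Match on either the URI extension or the response content type.'''
    return rec['uri'].lower().endswith('.wav') or rec['content_type'].lower() in WAV_TYPES


def triage_egress(records):
    '''Return (rule, record) pairs for the two network indicators named in the write-up.'''
    hits = []
    for rec in records:
        if _is_wav(rec) and rec['port'] == 8080 and not _allowlisted(rec['dst']):
            hits.append(('wav-from-nonmedia-host-8080', rec))
        headers = {k.lower(): v for k, v in rec['headers'].items()}   # header names are case-insensitive
        if headers.get('x-filename', '').lower() == 'tpcp.tar.gz':
            hits.append(('x-filename-tpcp-tar-gz', rec))
    return hits


def startup_msbuild(paths):
    '''Flag msbuild.exe inside a per-user or all-users Startup folder; real MSBuild never lives there.'''
    flagged = []
    for p in paths:
        parts = [part.lower() for part in PureWindowsPath(p).parts]
        if parts and parts[-1] == 'msbuild.exe' and 'start menu' in parts and 'startup' in parts:
            flagged.append(p)
    return flagged


if __name__ == '__main__':
    for rule, rec in triage_egress(SAMPLE_EGRESS):
        print(rule, rec['dst'], rec['port'], rec['uri'])
    print(startup_msbuild(SAMPLE_PATHS))
```

<p>The port-8080 condition is narrow by design so that it matches the reported C&amp;C; once the campaign\u2019s infrastructure moves, widen it to any WAV fetched from a non-allowlisted host on a non-standard port, and treat the allowlist as something to be populated from your own media sources rather than the placeholder used here.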
<\/p>\n<p>All PyPI dependencies should be pinned by hash, so that pip running in <code>--require-hashes<\/code> mode refuses any artifact whose digest is not in the lock file: a lock that pins 4.87.0 with its hash never resolves to 4.87.1 or 4.87.2, however trusted the project name, and even a tampered 4.87.0 artifact fails the digest check. CI\/CD pipelines should also be monitored for unusual audio file downloads and unexpected outbound connections, since build agents hold exactly the tokens a harvester like this is after.<\/p>\n<p>The post <a href=\"https:\/\/cybersecuritynews.com\/hackers-backdoor-telnyx-python-sdk-on-pypi\/\">Hackers Backdoor Telnyx Python SDK on PyPI to Steal Credentials Across Windows, macOS, and Linux<\/a> appeared first on <a href=\"https:\/\/cybersecuritynews.com\/\">Cyber Security News<\/a>.<\/p>\n<\/div>\n<p>Tushar Subhra Dutta<\/p>\n<p><a href=\"https:\/\/cybersecuritynews.com\/hackers-backdoor-telnyx-python-sdk-on-pypi\/\">Go to cyber-security-news<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hackers Backdoor Telnyx Python SDK on PyPI to Steal Credentials Across Windows, macOS, and Linux A threat actor group known as TeamPCP has been caught backdooring the Telnyx Python SDK on PyPI \u2014 a popular cloud communications library with over 700,000 downloads in February alone. 
On March 27, 2026, two malicious versions of the package, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[129,63,649],"tags":[130],"class_list":["post-11772","post","type-post","status-publish","format-standard","hentry","category-cyber-security","category-cyber-security-news","category-threats","tag-cyber-security-news"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/11772"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=11772"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/11772\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=11772"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=11772"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=11772"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}