Telnyx Python SDK compromised on PyPI
OPEN_SOURCE
HN · HACKER_NEWS // 14d ago · SECURITY INCIDENT

Telnyx says unauthorized versions 4.87.1 and 4.87.2 of its Python SDK were briefly published to PyPI on March 27, 2026, and that both contained malicious code. The company says its platform and APIs were untouched, but anyone who installed either version during that window should downgrade to a release outside that range and rotate any secrets the affected host could reach.

// ANALYSIS

This is the worst kind of supply-chain incident: a routine `pip install` becomes malware delivery even though the vendor's core service is fine. The narrow publication window limits exposure, but unpinned dependencies and CI automation that resolves them on every run can still make the blast radius surprisingly wide.

  • The bad releases were live for only a few hours, so the main exposure is anything that resolved `telnyx` through a floating version range during that window: unpinned installs, CI jobs, and fresh container builds. A pin to an earlier version, or a hash-pinned install, would not have picked them up.
  • Aikido reports that the payload runs at import time and hides a second stage inside `.wav` files, so simply importing the package is enough to trigger it, and scanners that key on file extension or only inspect `.py` files would miss the staged payload.
  • Telnyx says the platform, APIs, and infrastructure were not compromised, so the incident is about package distribution and publishing credentials, not backend access.
  • The incident fits the same March 2026 supply-chain wave that hit Trivy, Checkmarx, and LiteLLM, which is a reminder to review CI/CD tokens, build caches, and dependency pinning together rather than one at a time.
  • Any environment that installed or imported `telnyx` 4.87.1 or 4.87.2 should be treated as compromised, not merely outdated: downgrading the package removes the code, but it does not undo whatever the import-time payload already did, so the secrets that environment could reach need rotating as well.
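
The checks above boil down to two questions about every lockfile or `pip freeze` line that names `telnyx`: does it pin one of the two bad versions, and could a floating specifier have resolved to one while they were live? The following stdlib-only Python script answers both. It is an added example, not Telnyx's code and not from the original post; `Finding`, `audit_line`, `audit_requirements` and the sample requirement lines (including the placeholder hash) are constructed for this illustration.

```python
"""Audit requirements.txt / `pip freeze` lines for the compromised telnyx releases.

Stdlib only; implements just enough PEP 440 specifier logic to answer two
questions: does a line pin one of the bad versions, and could a floating
specifier have resolved to one while it was live on PyPI?
"""
import re
from dataclasses import dataclass

PACKAGE = "telnyx"
BAD_VERSIONS = ("4.87.1", "4.87.2")   # the two unauthorized releases named in the Telnyx notice

# project name, optional extras, then everything up to an env marker, comment or continuation
LINE_RE = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;#\\]*)")
SPEC_RE = re.compile(r"(==|!=|~=|>=|<=|>|<)\s*([0-9][0-9.]*\*?)")


@dataclass
class Finding:            # constructed for this example
    line: str
    status: str           # "compromised" | "exposed" | "clear"
    hashed: bool          # --hash= present: pip would reject an upload with a different digest
    reason: str


def _parts(v: str) -> list[int]:
    return [int(x) for x in v.split(".")]


def _padded(parts: list[int], n: int = 3) -> tuple[int, ...]:
    return tuple(parts + [0] * (n - len(parts)))   # 4.87 == 4.87.0 under PEP 440


def spec_allows(op: str, spec_ver: str, candidate: str) -> bool:
    """Does `candidate` satisfy the single clause `<op><spec_ver>`?"""
    c = _padded(_parts(candidate))
    if spec_ver.endswith(".*"):                    # wildcard clause: ==4.87.* / !=4.87.*
        prefix = _parts(spec_ver[:-2])
        hit = list(c[: len(prefix)]) == prefix
        return hit if op == "==" else not hit
    s_raw = _parts(spec_ver)
    s = _padded(s_raw)
    if op == "==": return c == s
    if op == "!=": return c != s
    if op == ">=": return c >= s
    if op == "<=": return c <= s
    if op == ">":  return c > s
    if op == "<":  return c < s
    if op == "~=":                                 # compatible release: >= s and same prefix minus last component
        prefix = s_raw[:-1]
        return c >= s and list(c[: len(prefix)]) == prefix
    raise ValueError(f"unsupported operator {op!r}")


def version_allowed(specs, candidate: str) -> bool:
    """An empty specifier set (a bare `telnyx`) allows every version."""
    return all(spec_allows(op, v, candidate) for op, v in specs)


def audit_line(line: str):
    m = LINE_RE.match(line)
    if not m:                                      # blank, comment, -r include, --hash continuation
        return None
    name = m.group(1).lower().replace("_", "-")    # PEP 503-style name normalisation (sufficient here)
    if name != PACKAGE:
        return None
    specs = SPEC_RE.findall(m.group(2))
    hashed = "--hash=" in line
    exact = [v for op, v in specs if op == "==" and not v.endswith(".*")]
    if exact and exact[0] in BAD_VERSIONS:
        return Finding(line, "compromised", hashed,
                       f"pins {exact[0]}: treat the host as compromised and rotate secrets it could reach")
    if exact:
        return Finding(line, "clear", hashed, f"pins {exact[0]}, not a known-bad release")
    reachable = [v for v in BAD_VERSIONS if version_allowed(specs, v)]
    if reachable:
        return Finding(line, "exposed", hashed,
                       f"floating specifier admits {', '.join(reachable)}: check what was actually installed during the window")
    return Finding(line, "clear", hashed, "specifier excludes both compromised releases")


def audit_requirements(text: str) -> list[Finding]:
    return [f for f in (audit_line(l) for l in text.splitlines()) if f is not None]


# Constructed sample input, not taken from any real project; the sha256 value is a placeholder.
SAMPLE = """\
requests==2.32.3
telnyx==4.87.1
telnyx
telnyx>=4.80,<5
telnyx~=4.87.0
telnyx!=4.87.1,!=4.87.2
telnyx==4.86.0 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
telnyx==4.87.*
"""

if __name__ == "__main__":
    for f in audit_requirements(SAMPLE):
        print(f"{f.status:12} hashed={str(f.hashed):5} {f.line.split()[0]:30} {f.reason}")
```

A "clear" verdict on a floating range only says that the range itself excluded the two bad versions; it says nothing about what else the resolver did, so the `pip freeze` output of the actual environment is the line worth trusting. The `--hash=` column is the control that stops this class of incident outright: a hash-pinned install fails rather than accepting a surprise upload under a matching version number.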
// TAGS
telnyx-python-sdk, sdk, api, devtool

DISCOVERED 2026-03-28 (14d ago)
PUBLISHED 2026-03-27 (15d ago)
RELEVANCE 7/10
AUTHOR overflowy