GHSA-955r-262c-33jc: Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2
On March 27, 2026, a threat actor used compromised PyPI credentials to publish malicious versions 4.87.1 and 4.87.2 of the telnyx Python package directly to PyPI. These versions contain credential-stealing malware and were not published through the legitimate GitHub release pipeline.
References
- github.com/advisories/GHSA-955r-262c-33jc
- github.com/team-telnyx/telnyx-python
- github.com/team-telnyx/telnyx-python/issues/235
- github.com/team-telnyx/telnyx-python/security/advisories/GHSA-955r-262c-33jc
- ramimac.me/teampcp
- www.endorlabs.com/learn/teampcp-strikes-again-telnyx-compromised-three-days-after-litellm
Code Behaviors & Features
Detect and mitigate GHSA-955r-262c-33jc with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →