- Updated: March 27, 2026
Telnyx PyPI Packages Compromised with Malware – What You Need to Know
The telnyx packages on PyPI have been compromised

[Posted March 27, 2026 by corbet]

The SafeDep blog reports that compromised versions of the telnyx package have been found in the PyPI repository:

"Two versions of telnyx (4.87.1 and 4.87.2) published to PyPI on March 27, 2026 contain malicious code injected into telnyx/_client.py. The telnyx package averages over 1 million downloads per month (~30,000/day), making this a high-impact supply chain compromise. The payload downloads a second-stage binary hidden inside WAV audio files from a remote server, then either drops a persistent executable on Windows or harvests credentials on Linux/macOS."

Comments

What telnyx is
Posted Mar 27, 2026 17:02 UTC (Fri) by jepler (subscriber, #105975)

If you’re like me, you did not know what Telnyx was before hearing that it was compromised.

Pypi: “The Telnyx Python library provides convenient access to the Telnyx REST API from any Python 3.9+ application”

telnyx(dot)com, ddg extract: “Telnyx—Voice AI Agents with Built-In Global Telco Infrastructure”

What telnyx is
Posted Mar 27, 2026 19:02 UTC (Fri) by welinder (guest, #4699)

I know precisely nothing about telnyx. But “over 1 million downloads per month” sounds like a very high number to me. In fact, it sounds like the result of an automated procedure, possibly ci/cd, that downloads repeatedly for an unknown, much smaller, set of users.

Copyright © 2026, Eklektix, Inc. Comments and public postings are copyrighted by their creators.
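A check for the two releases named in the report, added here as an example and not code from LWN, SafeDep or Telnyx: it looks at the installed distribution and at `==` pins in requirements-style and poetry.lock-style files. The sample inputs, the helper names and the choice of file formats are assumptions of this example; the report as quoted does not say which releases are clean, so only 4.87.1 and 4.87.2 are flagged.

```python
import re
import sys
from importlib import metadata

COMPROMISED = {"4.87.1", "4.87.2"}  # versions named in the report above

# requirements/constraints pin: telnyx==4.87.1 (extras, markers, hashes allowed)
_REQ = re.compile(r"^\s*telnyx(?:\[[^\]]*\])?\s*===?\s*([0-9][^\s;#\\]*)", re.I)
# poetry.lock-style TOML: name = "telnyx" followed by version = "4.87.1"
_NAME = re.compile(r'^\s*name\s*=\s*"([^"]+)"')
_VER = re.compile(r'^\s*version\s*=\s*"([^"]+)"')

def installed_hit():
    """Return the installed telnyx version if it is a listed one, else None."""
    try:
        version = metadata.version("telnyx")
    except metadata.PackageNotFoundError:
        return None
    return version if version in COMPROMISED else None

def scan_text(text):
    """Return [(line_no, version)] for each listed telnyx pin in the text."""
    hits, current = [], None
    for no, line in enumerate(text.splitlines(), 1):
        req, name, ver = _REQ.match(line), _NAME.match(line), _VER.match(line)
        if req and req.group(1) in COMPROMISED:
            hits.append((no, req.group(1)))
        elif name:
            current = name.group(1).lower()
        elif ver:
            if current == "telnyx" and ver.group(1) in COMPROMISED:
                hits.append((no, ver.group(1)))
            current = None  # a version line closes the current package entry
    return hits

# Constructed sample inputs (not taken from any real project).
SAMPLE_REQ = ('requests==2.32.3\ntelnyx==4.87.2 \\\n    --hash=sha256:PLACEHOLDER\n'
              'Telnyx[extra] == 4.87.1 ; python_version >= "3.9"\ntelnyx==4.0.0\n')
SAMPLE_LOCK = ('[[package]]\nname = "otherpkg"\nversion = "4.87.1"\n\n'
               '[[package]]\nname = "telnyx"\nversion = "4.87.1"\n')

if __name__ == "__main__":
    print("installed:", installed_hit() or "no listed version installed")
    for path in sys.argv[1:]:
        with open(path, encoding="utf-8") as fh:
            for no, version in scan_text(fh.read()):
                print(f"{path}:{no}: telnyx {version} is a listed version")
```

Run it with the paths of the requirements or lock files to check as arguments.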
Read the original report on LWN.net.