{"id":2177,"date":"2026-03-27T18:06:54","date_gmt":"2026-03-27T18:06:54","guid":{"rendered":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/"},"modified":"2026-03-27T18:06:54","modified_gmt":"2026-03-27T18:06:54","slug":"teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files","status":"publish","type":"post","link":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","title":{"rendered":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files"},"content":{"rendered":"<div>TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data.<br \/>\nThe two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a .WAV file. Users are<\/div>\n","protected":false},"excerpt":{"rendered":"<p>TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-container-style":"default","site-container-layout":"default","site-sidebar-layout":"default","disable-article-header":"default","disable-site-header":"default","disable-site-footer":"default","disable-content-area-spacing":"default","footnotes":""},"categories":[90],"tags":[91],"class_list":["post-2177","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.7 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited\" \/>\n<meta property=\"og:description\" content=\"TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\" \/>\n<meta property=\"og:site_name\" content=\"Imperative Business Ventures Limited\" \/>\n<meta property=\"article:published_time\" content=\"2026-03-27T18:06:54+00:00\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"headline\":\"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files\",\"datePublished\":\"2026-03-27T18:06:54+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\"},\"wordCount\":67,\"keywords\":[\"Cybersecurity\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\",\"url\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\",\"name\":\"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited\",\"isPartOf\":{\"@id\":\"https:\/\/blog.ibvl.in\/#website\"},\"datePublished\":\"2026-03-27T18:06:54+00:00\",\"author\":{\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.ibvl.in\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.ibvl.in\/#website\",\"url\":\"https:\/\/blog.ibvl.in\/\",\"name\":\"Imperative Business Ventures Limited\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.ibvl.in\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\/\/blog.ibvl.in\"],\"url\":\"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","og_locale":"en_US","og_type":"article","og_title":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited","og_description":"TeamPCP, the threat actor behind the supply chain attack targeting Trivy, KICS, and litellm, has now compromised the telnyx Python package by pushing two malicious versions to steal sensitive data. The two versions, 4.87.1 and 4.87.2, published to the Python Package Index (PyPI) repository on March 27, 2026, concealed their credential harvesting capabilities within a [&hellip;]","og_url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","og_site_name":"Imperative Business Ventures Limited","article_published_time":"2026-03-27T18:06:54+00:00","author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#article","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/"},"author":{"name":"admin","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"headline":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files","datePublished":"2026-03-27T18:06:54+00:00","mainEntityOfPage":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/"},"wordCount":67,"keywords":["Cybersecurity"],"articleSection":["Cybersecurity"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","url":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/","name":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files - Imperative Business Ventures Limited","isPartOf":{"@id":"https:\/\/blog.ibvl.in\/#website"},"datePublished":"2026-03-27T18:06:54+00:00","author":{"@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02"},"breadcrumb":{"@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.ibvl.in\/index.php\/2026\/03\/27\/teampcp-pushes-malicious-telnyx-versions-to-pypi-hides-stealer-in-wav-files\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.ibvl.in\/"},{"@type":"ListItem","position":2,"name":"TeamPCP Pushes Malicious Telnyx Versions to PyPI, Hides Stealer in WAV Files"}]},{"@type":"WebSite","@id":"https:\/\/blog.ibvl.in\/#website","url":"https:\/\/blog.ibvl.in\/","name":"Imperative Business Ventures Limited","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.ibvl.in\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/55b87b72a56b1bbe9295fe5ef7a20b02","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.ibvl.in\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4d20b2cd313e4417a599678e950e6fb7d4dfa178a72f2b769335a08aaa615aa9?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/blog.ibvl.in"],"url":"https:\/\/blog.ibvl.in\/index.php\/author\/admin_hcbs9yw6\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/comments?post=2177"}],"version-history":[{"count":0,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/posts\/2177\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/media?parent=2177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/categories?post=2177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ibvl.in\/index.php\/wp-json\/wp\/v2\/tags?post=2177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}