According to a recent LinkedIn post from OX Security, the company has analyzed malicious versions of the Telnyx Python SDK (4.87.1 and 4.87.2) allegedly uploaded to PyPI with a credential-stealing backdoor. The post links this activity to the TeamPCP group and frames it as part of a broader software supply chain campaign following the LiteLLM incident.
Claim 30% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
The LinkedIn post indicates that any developer or organization that installed or upgraded to these Telnyx versions may be affected, with Telnyx reportedly seeing over 34,000 weekly and 700,000 monthly downloads. The post also notes that OX Security’s customers were reportedly not impacted, suggesting that the company’s tools or processes may have helped mitigate exposure.
The post recommends standard incident-response steps such as immediate rotation of keys and tokens, revoking and reissuing credentials, pinning dependencies to known-safe versions, and auditing for suspicious activity. For investors, this episode underscores the growing importance of software supply chain security and positions OX Security as an active participant in threat analysis, which could support demand for its offerings in an expanding cybersecurity market.