PyPI package telnyx has been compromised in yet another supply chain attack

Telnyx SDK booby‑trapped: “ringtone” malware sparks a speed‑vs‑safety brawl

TLDR: Two versions of the Telnyx Python package on PyPI were hijacked to carry malware hidden in bundled WAV files and triggered on import. Commenters clash over slowing releases for safety versus shipping fast, with worries that AI scanners will block everything while attackers outpace defenses, making this a high‑stakes speed vs security showdown.

TeamPCP has struck again: the official Telnyx Python package on PyPI was compromised, and the payload is hiding in a WAV “ringtone”. Translation for non‑nerds: a supply chain attack means bad code sneaks into trusted software, so just installing or importing it can quietly run malware. In this case, simply importing telnyx triggers it. On Windows it plants a binary in the Startup folder for persistence; on Mac/Linux it runs a collector and ships off an encrypted bundle called tpcp.tar.gz. It’s the latest hit after Trivy, Checkmarx, and LiteLLM: basically a cross‑platform game of “tag, you’re owned.”

The community reaction? A mix of panic, punchlines, and petty platform wars. One camp is terrified that automated safeguards will go nuclear: “blocked by false positives,” warns johndough, invoking the drama of bug bounties overwhelmed by AI. The speed demons clap back with gallows humor: “how can we deploy our vibe‑coded PRs 40 times a day?” asks sigseg1v—because slowing down feels like heresy. Meanwhile, some folks just sigh “Thank you!” like they’ve seen this movie too many times.

And then the meta‑drama: tomhow points everyone to the real fight over on Hacker News, where the thread is already heating up. The vibe is crystal clear: lock it down vs ship it fast, with a soundtrack of sarcastic "ringtone" jokes and a lot of side‑eye at scanners that might nuke half the ecosystem.

Key Points

  • Two malicious versions of the Telnyx Python SDK were uploaded to PyPI on March 27 at 03:51 UTC. The loader lives in telnyx/_client.py and runs at import time, so a plain `import telnyx` is enough to trigger it.
  • The malware uses WAV steganography: on Windows it decodes hangup.wav to drop a file named msbuild.exe (after the legitimate Microsoft build tool) into the Startup folder; on Linux/macOS it runs a multi-stage Python payload extracted from ringtone.wav.
  • Exfiltration on Linux/macOS encrypts the collected data with AES-256-CBC, wraps the session key with RSA-4096 OAEP, and uploads the result as tpcp.tar.gz with the HTTP header X-Filename: tpcp.tar.gz, which is a usable network indicator for egress monitoring.
  • The Telnyx incident is part of a wider TeamPCP campaign following compromises of Trivy (CVE-2026-33634), npm (CanisterWorm), Checkmarx assets, and LiteLLM (versions 1.82.7, 1.82.8).
  • The campaign’s pattern: steal CI/CD credentials from trusted tools (e.g., unpinned Trivy), publish malicious packages, harvest more credentials, and pivot across ecosystems.
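The key points above describe a recognisable shape: a module that, on import, reads an audio file bundled in the package and turns its contents into code. As an added example (not code from Telnyx, TeamPCP, or the reporting summarised here), the script below is a heuristic static scan for that shape. It parses each module with the `ast` module, looks for audio-file string literals alongside execution sinks (`exec`, `compile`, `subprocess.*`, `os.system`) that are reachable from module-level code, and separately lists audio files shipped inside a Python package. The package tree it scans is constructed for the demo, the loader in it is a placeholder of the same shape rather than the real decoder, and nothing under that tree is ever imported.

```python
"""Added example: heuristic scan for an import-time audio-file loader.

Not code from Telnyx, TeamPCP or the write-up. The sample tree written by
demo() is constructed for the test; it contains no payload and is never
imported, only parsed.
"""
import ast
import os
import tempfile
from dataclasses import dataclass

# Callee names that turn data into execution; matched on the final name only,
# so subprocess.run, os.system and a bare exec() all count (asyncio.run too:
# this is a triage heuristic, not a signature).
EXEC_SINKS = {"exec", "eval", "compile", "run", "Popen", "call", "check_output", "system"}
AUDIO_EXT = (".wav", ".mp3", ".ogg", ".flac")


@dataclass(frozen=True)
class Finding:
    name: str        # path relative to the scanned root, always with '/'
    reason: str
    top_level: bool  # True when the sink is reached by code that runs on import


def _call_name(node: ast.AST):
    """Final callee name for exec(...), subprocess.run(...), obj.system(...)."""
    if isinstance(node, ast.Call):
        f = node.func
        if isinstance(f, ast.Name):
            return f.id
        if isinstance(f, ast.Attribute):
            return f.attr
    return None


def _mentions_audio(tree: ast.AST) -> bool:
    return any(
        isinstance(n, ast.Constant) and isinstance(n.value, str)
        and n.value.lower().endswith(AUDIO_EXT)
        for n in ast.walk(tree)
    )


def scan_module(source: str, name: str) -> list[Finding]:
    try:
        tree = ast.parse(source, filename=name)
    except SyntaxError:
        return [Finding(name, "unparseable source", False)]
    if not _mentions_audio(tree):
        return []  # the heuristic only fires when an audio file is referenced

    # Functions in this module whose body contains a sink call.
    sink_funcs = {
        s.name for s in tree.body
        if isinstance(s, (ast.FunctionDef, ast.AsyncFunctionDef))
        and any(_call_name(n) in EXEC_SINKS for n in ast.walk(s))
    }
    findings = []
    for stmt in tree.body:
        if isinstance(stmt, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            continue  # definitions do not execute on import; bodies were checked above
        for n in ast.walk(stmt):
            callee = _call_name(n)
            if callee in EXEC_SINKS:
                findings.append(Finding(name, f"module-level {callee}() next to an audio reference", True))
            elif callee in sink_funcs:
                findings.append(Finding(name, f"module-level call to {callee}(), which reaches a sink", True))
    return findings


def scan_package(root: str) -> list[Finding]:
    """Walk an installed package (or a whole site-packages) and collect findings."""
    findings = []
    for dirpath, _, files in os.walk(root):
        for fn in files:
            full = os.path.join(dirpath, fn)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            if fn.lower().endswith(AUDIO_EXT):
                findings.append(Finding(rel, "audio file bundled in a Python package", False))
            elif fn.endswith(".py"):
                with open(full, encoding="utf-8", errors="replace") as fh:
                    findings.extend(scan_module(fh.read(), rel))
    return findings


# Constructed sample tree for a hypothetical package "pkg". Never imported.
SAMPLE_FILES = {
    "pkg/__init__.py": "from ._client import Client\n",
    "pkg/audio.py": (  # benign: reads a .wav inside a function, no sink
        "import wave\n"
        "def frames(path='hangup.wav'):\n"
        "    with wave.open(path) as w:\n"
        "        return w.readframes(w.getnframes())\n"
    ),
    "pkg/_client.py": (  # placeholder of the decode-on-import shape
        "from pathlib import Path\n"
        "class Client:\n"
        "    pass\n"
        "def _boot():\n"
        "    blob = Path(__file__).with_name('ringtone.wav').read_bytes()\n"
        "    exec(blob[44:].decode(errors='ignore'))  # stand-in for a decode step\n"
        "_boot()\n"
    ),
}


def demo() -> dict[str, list[str]]:
    """Write the sample tree to a temp dir, scan it, return {file: [reasons]}."""
    root = tempfile.mkdtemp(prefix="wavscan_")
    for rel, body in SAMPLE_FILES.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(body)
    with open(os.path.join(root, "pkg", "ringtone.wav"), "wb") as fh:
        fh.write(b"RIFF")  # only an extension and magic bytes; no audio, no payload
    out: dict[str, list[str]] = {}
    for f in scan_package(root):
        out.setdefault(f.name, []).append(("import-time: " if f.top_level else "") + f.reason)
    return out


if __name__ == "__main__":
    for name, reasons in sorted(demo().items()):
        print(name)
        for r in reasons:
            print("   ", r)
```

Point `scan_package()` at a freshly installed package directory to triage it; `demo()` exists only so the script runs offline. Expect noise from anything that legitimately ships audio and also shells out, which is exactly the false-positive problem the comments below argue about: this is a triage signal for a human, not a gate that blocks installs.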

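The last key point above describes a loop that starts with credentials lifted from a trusted CI tool consumed without a pin and continues through poisoned packages. Two cheap checks break both ends of that loop, shown here as an added example (not code from the write-up, Trivy, Telnyx, or any project named above): every `uses:` in a GitHub Actions workflow should reference a full 40-hex commit SHA, since a tag or branch can be moved to a compromised release, and every requirements.txt line should carry an exact `==` version plus a `--hash` so pip refuses an artifact it did not expect. The workflow and requirements text are constructed for the demo; the organisation, action and package names, versions, SHA and hash are placeholders.

```python
"""Added example: flag unpinned CI actions and unhashed Python requirements.

Not from the write-up or any project it names. Sample inputs are constructed;
org/action/package names, versions, the SHA and the hash are placeholders.
"""
import re

# `- uses: owner/action@ref` with optional quotes; a trailing comment is ignored.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^@'\"\s]+)@([^'\"\s#]+)", re.MULTILINE)
FULL_SHA = re.compile(r"^[0-9a-f]{40}$")
REQ_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.\-]*")


def unpinned_uses(workflow_text: str) -> list[tuple[str, str]]:
    """(action, ref) pairs whose ref is a tag or branch rather than a 40-hex commit SHA."""
    out = []
    for action, ref in USES_RE.findall(workflow_text):
        if action.startswith("./"):
            continue  # local composite actions live in the same repo; out of scope here
        if not FULL_SHA.match(ref):
            out.append((action, ref))
    return out


def unpinned_requirements(req_text: str) -> list[tuple[str, str]]:
    """Requirement lines lacking an exact '==' pin or a --hash, with the first problem found."""
    out = []
    joined = req_text.replace("\\\n", " ")  # fold pip's backslash line continuations
    for line in joined.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank, comment, or a pip option such as -r / --index-url
        m = REQ_NAME.match(line)
        name = m.group(0) if m else line
        if "==" not in line:
            out.append((name, "no exact == pin"))
        elif "--hash=" not in line:
            out.append((name, "no --hash"))
    return out


# Constructed workflow: one tag pin, one floating branch, one SHA pin, one local action.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: example-org/scanner-action@main   # hypothetical action on a moving branch
      - uses: "example-org/publish-action@0123456789abcdef0123456789abcdef01234567"  # placeholder SHA
      - uses: ./.github/actions/local-step
      - run: make build
"""

# Constructed requirements file (raw string keeps the continuation backslash).
SAMPLE_REQUIREMENTS = r"""
# hypothetical packages; the hash is a placeholder
examplepkg==1.4.2 \
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
otherpkg>=3
thirdpkg==0.9.0
-r dev.txt
"""


if __name__ == "__main__":
    for action, ref in unpinned_uses(SAMPLE_WORKFLOW):
        print(f"workflow: {action} pinned to '{ref}', not a commit SHA")
    for name, why in unpinned_requirements(SAMPLE_REQUIREMENTS):
        print(f"requirements: {name}: {why}")
```

Run the two functions over your own workflow and requirements files in CI and fail the job on a non-empty result; with `pip install --require-hashes -r requirements.txt` the hash check is then enforced at install time as well.
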
Hottest takes

"blocked by false positives" — johndough
"but then how can we deploy our vibe coded PRs we didn't review at a pace of 40 deploys per day?" — sigseg1v
"Comments moved to https://news.ycombinator.com/item?id=47540388." — tomhow
Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.