telnyx

Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2 ## Summary On March 27, 2026, a threat actor used compromised PyPI credentials to publish malicious versions 4.87.1 and 4.87.2 of the `telnyx` Python package directly to PyPI. These versions contain credential-stealing malware and were not published through the legitimate GitHub release pipeline. ## Exposure Window | Version | Published (UTC) | Quarantined (UTC) | Exposure | |---------|-----------------|-------------------|----------| | 4.87.1 (broken) | 2026-03-27 03:51 | 2026-03-27 10:13 |