
Posted on • Originally published at cvereports.com

GHSA-955R-262C-33JC: CVE-2026-33634: Supply Chain Compromise and Malicious Code Execution in Telnyx Python SDK


Vulnerability ID: GHSA-955R-262C-33JC
CVSS Score: 9.4
Published: 2026-03-30

The official Telnyx Python SDK (telnyx) on PyPI was compromised in a supply chain attack by the threat actor TeamPCP. Versions 4.87.1 and 4.87.2 contain embedded malicious code that executes upon import, utilizing WAV audio steganography to deploy secondary payloads for credential harvesting and persistence.

TL;DR

Malicious versions of the Telnyx Python SDK were published to PyPI, executing a steganographic payload delivery system upon import to steal credentials and establish system persistence.


⚠️ Exploit Status: ACTIVE

Technical Details

  • CWE ID: CWE-506 (Embedded Malicious Code)
  • Attack Vector: Network (Supply Chain / PyPI Registry)
  • CVSS v4.0 Score: 9.4 (Critical)
  • EPSS Score: 0.21153 (21.15%)
  • Execution Trigger: Module Initialization (import telnyx)
  • Exploit Status: Active Exploitation
  • Primary Payload Obfuscation: XOR Steganography via WAV Audio

Affected Systems

  • Windows
  • Linux
  • macOS
  • Python Package Index (PyPI) Ecosystem
  • telnyx: 4.87.1 and 4.87.2 (safe version to install: 4.87.0)

Mitigation Strategies

  • Implement strict version pinning in all dependency management files (requirements.txt, Pipfile, pyproject.toml).
  • Utilize hash-checking modes in package managers (e.g., pip install --require-hashes) to ensure artifact integrity.
  • Deploy internal artifact registries that block known malicious package versions and synchronize with vulnerability databases.
  • Implement network egress filtering to block unauthorized outbound connections, specifically restricting access to known C2 IP addresses.
  • Enforce the principle of least privilege for CI/CD systems and developer accounts, utilizing hardware-backed multi-factor authentication for PyPI publishing.
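The first two mitigations above (strict pinning and hash checking) can be enforced before anything is installed. The following added example, which is not code from the advisory or from the Telnyx project, audits a requirements file: it flags telnyx entries that are not pinned with ==, entries pinned to one of the two versions the advisory names as malicious, and any requirement without a --hash option (which pip install --require-hashes would reject). The sample requirements text and its hash value are constructed placeholders.

```python
"""Audit a pip requirements file for the compromised telnyx releases.

Added example (not from the advisory or the Telnyx project): flags telnyx
entries that are not pinned with '==', entries pinned to a version the
advisory names as malicious, and any requirement that carries no --hash
option (which 'pip install --require-hashes' would reject).
"""
import re

# Versions the advisory names as malicious.
MALICIOUS_VERSIONS = {"4.87.1", "4.87.2"}

# Constructed sample requirements file for demonstration; the hash value
# is a placeholder, not a real digest of any release.
SAMPLE_REQUIREMENTS = """\
# third-party deps
requests==2.32.3 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
telnyx>=4.80          # range spec: pip may resolve to a malicious release
telnyx==4.87.2        # pinned directly to a malicious release
telnyx==4.87.0        # pinned, but no hash
"""

# name, optional extras, optional operator, version (enough for a line audit;
# not a full PEP 508 parser).
_REQ_RE = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*"
    r"(===|==|~=|!=|>=|<=|>|<)?\s*([^\s,;]*)"
)


def _normalize(name):
    """PEP 503 normalization so 'Telnyx' and 'telnyx' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def logical_lines(text):
    """Join backslash-continued lines and drop comments and blank lines."""
    buf = ""
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield buf.strip()
        buf = ""
    if buf.strip():
        yield buf.strip()


def audit_requirements(text):
    """Return (requirement, finding) pairs; finding is one of
    'unpinned', 'malicious-version' or 'missing-hash'."""
    findings = []
    for line in logical_lines(text):
        if line.startswith("-"):          # pip options such as --index-url
            continue
        m = _REQ_RE.match(line)
        if not m:
            continue
        name, op, version = m.groups()
        if _normalize(name) == "telnyx":
            if op != "==":
                findings.append((line, "unpinned"))
            elif version in MALICIOUS_VERSIONS:
                findings.append((line, "malicious-version"))
        if "--hash=" not in line:
            findings.append((line, "missing-hash"))
    return findings


if __name__ == "__main__":
    for req, code in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{code:18} {req}")
```

Run it against a real file with audit_requirements(Path("requirements.txt").read_text()) in CI and fail the build on any finding; the 'missing-hash' check is what makes a later switch to pip install --require-hashes painless, since every entry already carries a digest.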

Remediation Steps:

  1. Identify vulnerable installations by executing pip show telnyx across all environments to verify the active version.
  2. Uninstall the compromised package immediately using pip uninstall telnyx.
  3. Reinstall the verified, safe version by executing pip install telnyx==4.87.0.
  4. Conduct a comprehensive secret rotation. Invalidate and regenerate all AWS keys, database passwords, and API tokens present on systems that executed the malicious package.
  5. Hunt for indicators of compromise. On Windows, delete %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\msbuild.exe and its associated .lock file. On Linux, remove ~/.config/audiomon/audiomon.py.
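Steps 1 and 5 of the remediation list can be scripted for fleet-wide triage. The following added example, which is not code from the advisory or from the Telnyx project, reads the installed telnyx version from the current interpreter (the same metadata pip show reports) and looks for the two persistence paths the advisory gives. Because the advisory does not name the Windows .lock file, the check reports any .lock file in the Startup folder; macOS is listed as affected but no path is given for it, so nothing is checked there. The script reports rather than deletes, so artifacts can be preserved for forensic review before removal. The run_demo function builds a constructed artifact tree in a temporary directory; the file names it creates are sample data, not indicators from the advisory.

```python
"""Triage a host for the telnyx compromise described in the advisory.

Added example (not from the advisory or the Telnyx project): checks the
installed telnyx version in this interpreter and looks for the persistence
artifacts the advisory lists. It reports rather than deletes.
"""
import os
import platform
import shutil
import tempfile
from importlib import metadata
from pathlib import Path

# Versions the advisory names as malicious.
MALICIOUS_VERSIONS = {"4.87.1", "4.87.2"}


def installed_telnyx_version():
    """Version of telnyx visible to this interpreter (same data as pip show)."""
    try:
        return metadata.version("telnyx")
    except metadata.PackageNotFoundError:
        return None


def is_malicious_version(version):
    return version is not None and version in MALICIOUS_VERSIONS


def find_indicators(system=None, home=None, appdata=None):
    """Return paths matching the advisory's persistence indicators.

    system, home and appdata default to the current host; passing them
    explicitly lets the check run against a mounted image or a test tree.
    """
    system = system or platform.system()
    home = Path(home) if home else Path.home()
    hits = []
    if system == "Windows":
        default_appdata = str(home / "AppData" / "Roaming")
        base = Path(appdata) if appdata else Path(os.environ.get("APPDATA", default_appdata))
        startup = base / "Microsoft" / "Windows" / "Start Menu" / "Programs" / "Startup"
        exe = startup / "msbuild.exe"
        if exe.exists():
            hits.append(exe)
        # The advisory names an "associated .lock file" without giving its
        # name, so any .lock file in the Startup folder is reported.
        if startup.is_dir():
            hits.extend(sorted(startup.glob("*.lock")))
    elif system == "Linux":
        script = home / ".config" / "audiomon" / "audiomon.py"
        if script.exists():
            hits.append(script)
    # macOS is listed as affected, but the advisory gives no path for it.
    return hits


def triage(version=None, **kwargs):
    """Combine both checks into one report dict."""
    version = version if version is not None else installed_telnyx_version()
    indicators = find_indicators(**kwargs)
    return {
        "telnyx_version": version,
        "malicious_install": is_malicious_version(version),
        "indicators": [str(p) for p in indicators],
        "compromised": is_malicious_version(version) or bool(indicators),
    }


def run_demo():
    """Build a constructed artifact tree in a temp dir and triage it."""
    root = Path(tempfile.mkdtemp(prefix="telnyx-triage-"))
    try:
        linux_home = root / "linux-home"
        (linux_home / ".config" / "audiomon").mkdir(parents=True)
        (linux_home / ".config" / "audiomon" / "audiomon.py").write_text("# constructed sample\n")
        win_appdata = root / "win-appdata"
        startup = win_appdata / "Microsoft" / "Windows" / "Start Menu" / "Programs" / "Startup"
        startup.mkdir(parents=True)
        (startup / "msbuild.exe").write_bytes(b"MZ constructed sample")
        (startup / "sample.lock").write_text("")   # constructed name; advisory gives none
        return {
            "linux": triage(version="4.87.2", system="Linux", home=linux_home),
            "windows": triage(version="4.87.0", system="Windows", home=root, appdata=win_appdata),
            "clean": triage(version="4.87.0", system="Linux", home=root / "empty"),
        }
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    report = triage()
    for key, value in report.items():
        print(f"{key}: {value}")
    raise SystemExit(1 if report["compromised"] else 0)
```

Run the script under every interpreter and virtual environment on the host, since each has its own site-packages; a non-zero exit marks the machine for secret rotation (step 4) and evidence collection before the artifacts are removed.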

