Backdoored Telnyx PyPI package pushes malware hidden in WAV audio - BleepingComputer

Telnyx PyPI package compromised with malware hidden in WAV audio files A backdoored Telnyx package was discovered on PyPI (Python Package Index) containing malware obfuscated within WAV audio files. The compromised package represents a supply chain security threat targeting developers who integrate Telnyx's communications services. This incident highlights the vulnerability of open-source package repositories to malicious actors seeking to distribute malware through trusted provider dependencies. The malware was hidden in audio files, suggesting sophisticated obfuscation techniques to evade detection. Organizations using Telnyx Python libraries should audit their dependencies and update to verified, uncompromised versions immediately.