Telnyx has malicious code in PyPI versions 4.87.1 and 4.87.2

Summary On March 27, 2026, a threat actor used compromised PyPI credentials to publish malicious versions 4.87.1 and 4.87.2 of the telnyx Python package directly to PyPI. These versions contain credential-stealing malware and were not published through the legitimate GitHub release pipeline...

MAL-2026-2254 Malicious code in telnyx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 64fdec8c3d81e855431dd89a2eb1008654d9d4ba0e01293166234b3609efe00a The OpenSSF Package Analysis project identified 'telnyx' @ 4.87.2 pypi as malicious. It is considered malicious because: - The package executes...