
Alert: Malicious Code Found in Popular PyPI Package 'telnyx'

A supply chain attack has compromised the popular Python package telnyx on PyPI. The library, which saw over 740,000 downloads in the last month alone, was found to contain malicious code designed to steal sensitive data from Windows, Linux, and macOS environments.

Compromised Versions

The compromised releases are 4.87.1 and 4.87.2; earlier releases are not reported as affected. The malicious payload runs automatically when the library is imported, so an affected environment is compromised as soon as any code does `import telnyx`, without calling any API function.

Required Actions

  • Uninstall: Remove versions 4.87.1 and 4.87.2 of the telnyx package immediately from every environment, including CI runners and developer machines, and pin to an unaffected release.
  • Rotate Credentials: Treat all API keys, passwords, and tokens present on any host where an affected version was installed or imported as exposed, and change them.
  • Windows Users: Check the Startup folder (per-user: %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup; all users: %ProgramData%\Microsoft\Windows\Start Menu\Programs\StartUp) for an unauthorized msbuild.exe file and delete it if present; a legitimate MSBuild never lives there.
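The check below is an added example, not code from the advisory or from the telnyx project. It looks for the two compromised releases in the current Python environment and in a requirements/`pip freeze` style manifest, and lists the msbuild.exe artifact if it sits in either Windows Startup folder. The function names and the sample manifest are this example's own; the version list and the Startup paths are the ones named above.

```python
"""Added example (not part of the original advisory): detect the
compromised telnyx releases and the Windows Startup-folder artifact.
All helper names here are this example's own."""
import os
import re
from importlib import metadata

PACKAGE = "telnyx"
COMPROMISED_VERSIONS = frozenset({"4.87.1", "4.87.2"})

# Matches a pinned requirement such as "telnyx==4.87.1" or
# "Telnyx == 4.87.2 ; python_version >= '3.8'" (environment markers
# after the version are ignored).
_PIN_RE = re.compile(
    r"^\s*(?P<name>[A-Za-z0-9_.-]+)\s*==\s*(?P<version>[0-9][0-9A-Za-z.]*)"
)


def is_compromised(name: str, version: str) -> bool:
    """True if (name, version) is one of the known-bad telnyx releases.
    Distribution names are compared case-insensitively with '_' as '-'."""
    normalized = name.lower().replace("_", "-")
    return normalized == PACKAGE and version in COMPROMISED_VERSIONS


def installed_version(dist_name: str = PACKAGE):
    """Version of dist_name in the running environment, or None if absent."""
    try:
        return metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None


def scan_manifest(text: str) -> list:
    """Return (line_no, line) for every pin of a compromised version in a
    requirements.txt / `pip freeze` style manifest. Only exact pins are
    inspected; ranges must be resolved by the installer."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        m = _PIN_RE.match(line)
        if m and is_compromised(m.group("name"), m.group("version")):
            hits.append((lineno, line.strip()))
    return hits


def windows_startup_dirs() -> list:
    """Per-user and all-users Startup folders (fixed Windows locations)."""
    appdata = os.environ.get("APPDATA", r"C:\Users\Default\AppData\Roaming")
    programdata = os.environ.get("ProgramData", r"C:\ProgramData")
    tail = ("Microsoft", "Windows", "Start Menu", "Programs")
    return [
        os.path.join(appdata, *tail, "Startup"),
        os.path.join(programdata, *tail, "StartUp"),
    ]


def suspicious_startup_entries(entries) -> list:
    """Filter a directory listing for the msbuild.exe artifact the
    advisory describes; a real MSBuild never lives in a Startup folder."""
    return [e for e in entries if e.lower() == "msbuild.exe"]


def check_startup_folders() -> list:
    """Full paths of msbuild.exe found in any existing Startup folder."""
    findings = []
    for d in windows_startup_dirs():
        if os.path.isdir(d):
            for e in suspicious_startup_entries(os.listdir(d)):
                findings.append(os.path.join(d, e))
    return findings


if __name__ == "__main__":
    # Constructed sample manifest; a real run would read requirements.txt.
    sample = (
        "requests==2.32.3\n"
        "telnyx==4.87.1\n"
        "Telnyx == 4.87.2 ; python_version >= '3.8'\n"
    )
    env = installed_version()
    print("installed telnyx:", env,
          "(COMPROMISED)" if env and is_compromised(PACKAGE, env) else "")
    for lineno, line in scan_manifest(sample):
        print(f"manifest line {lineno}: {line}  <- compromised pin")
    for path in check_startup_folders():
        print("startup artifact:", path)
```

Run it on each build host and CI image, then block the two releases going forward: pin an unaffected version in the manifest and install with `pip install --require-hashes -r requirements.txt`, so a substituted wheel fails the hash check instead of being imported.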

Always verify package integrity (pinned versions and hashes) and monitor your development pipeline for unexpected dependency updates.