{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreiegqczxghqpvzapqj3puf2cnysmefgnh4vltnedcugabxfsvz6bma",
    "uri": "at://did:plc:b3tz6srl4ochk2wxn6dv6xpy/app.bsky.feed.post/3mi2tqokwvyx2"
  },
  "path": "/Articles/1065059/",
  "publishedAt": "2026-03-27T16:21:17.000Z",
  "site": "https://lwn.net",
  "tags": [
    "reports"
  ],
  "textContent": "The SafeDep blog reports that compromised versions of the telnyx package have been found in the PyPI repository:\n\n> Two versions of `telnyx` (4.87.1 and 4.87.2) published to PyPI on March 27, 2026 contain malicious code injected into `telnyx/_client.py`. The telnyx package averages **over 1 million downloads per month** (~30,000/day), making this a high-impact supply chain compromise. The payload downloads a second-stage binary hidden inside WAV audio files from a remote server, then either drops a persistent executable on Windows or harvests credentials on Linux/macOS.",
  "title": "The telnyx packages on PyPI have been compromised"
}