On March 27, 2026, telnyx Python SDK v4.87.1/4.87.2 was contaminated with PyPI. TeamPCP collects authentication information for OpenAI, Anthropic, AWS, and GCP by hiding payloads in WAV files. 742K downloads per month.
LiteLLM 1.82.7 and 1.82.8 were poisoned on PyPI for about 46 minutes. TeamPCP stole a PyPI token through Trivy's CI/CD and injected malware that collects more than 50 credential types, including SSH keys, AWS, Kubernetes, and Docker secrets.
