Tech Mar 28, 2026 4 min TeamPCP infected telnyx Python SDK with PyPI and stole API credentials with payload embedded in WAV audio On March 27, 2026, telnyx Python SDK v4.87.1/4.87.2 was contaminated with PyPI. TeamPCP collects authentication information for OpenAI, Anthropic, AWS, and GCP by hiding payloads in WAV files. 742K downloads per month. Security Supply Chain PyPI Malware TeamPCP
