Supply chain, Cloud Security, Threat Intelligence

Telnyx targeted in expanding TeamPCP supply chain intrusions

Supply chain vulnerability being exploited through a cyber attack on text code in an editor.

Infosecurity Magazine reports that TeamPCP threat operation has moved to target the Telnyx cloud communications platform's Python software development kit on the PyPI repository as part of a supply chain attack campaign, which had already compromised Trivy and LiteLLM.

Malicious Telnyx Python SDK versions 4.87.1 and 4.87.2 uploaded by TeamPCP have been laced with code that allowed the exfiltration of SSH private keys and bash history files to an attacker-controlled remote server upon installation, an analysis from the Socket Research Team showed. Targeting SSH private keys and bash history files could enable lateral movement to other systems accessible by the victim and the exposure of commands with sensitive information, respectively.

Another report from Endor Labs revealed that TeamPCP had used stolen maintainer account credentials to publish the trojanized Telynx Python SDKs. TeamPCP's targeting of Telynx indicates a maturing supply chain attack methodology, which results in a heightened risk profile, said Endor Labs researchers.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds