Infosecurity Magazine reports that TeamPCP threat operation has moved to target the Telnyx cloud communications platform's Python software development kit on the PyPI repository as part of a supply chain attack campaign, which had already compromised Trivy and LiteLLM.Malicious Telnyx Python SDK versions 4.87.1 and 4.87.2 uploaded by TeamPCP have been laced with code that allowed the exfiltration of SSH private keys and bash history files to an attacker-controlled remote server upon installation, an analysis from the Socket Research Team showed. Targeting SSH private keys and bash history files could enable lateral movement to other systems accessible by the victim and the exposure of commands with sensitive information, respectively.Another report from Endor Labs revealed that TeamPCP had used stolen maintainer account credentials to publish the trojanized Telynx Python SDKs. TeamPCP's targeting of Telynx indicates a maturing supply chain attack methodology, which results in a heightened risk profile, said Endor Labs researchers.
Supply chain, Cloud Security, Threat Intelligence
Telnyx targeted in expanding TeamPCP supply chain intrusions

(Adobe Stock)
An In-Depth Guide to Cloud Security
Get essential knowledge and practical strategies to fortify your cloud security.
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



