LmCast :: Stay tuned in

Telnyx package compromised on PyPI

Recorded: March 28, 2026, 4 a.m.


Telnyx Python SDK Security Notice: Malicious PyPI Versions Identified (March 2026)

Telnyx Python SDK: Supply Chain Security Notice

Unauthorized versions of the Telnyx Python SDK were briefly published to PyPI as part of a broader supply chain attack. Learn which versions were affected, who is impacted, and the steps to secure your environment.

By Telnyx Team

Summary

On March 27, 2026 at 03:51:28 UTC, two unauthorized versions of the Telnyx Python SDK were published to PyPI: versions 4.87.1 and 4.87.2. Both versions contained malicious code. Both were quarantined by 10:13 UTC the same day.

This incident is part of a broader supply chain campaign that has also affected Trivy, Checkmarx, and LiteLLM.

The Telnyx platform, APIs, and infrastructure were not compromised. This incident was limited to the PyPI distribution channel for the Python SDK.

Affected Versions

| Version | Published |
|---|---|
| telnyx==4.87.1 | 03:51:28 UTC, March 27, 2026 |
| telnyx==4.87.2 | Shortly after |

Both versions have been removed from PyPI.

Who Is Affected

You may be affected if:

- You installed or upgraded the telnyx Python package between 03:51 UTC and 10:13 UTC on March 27, 2026
- You ran pip install telnyx without pinning a version and received 4.87.1 or 4.87.2
- A dependency in your project pulled in telnyx as a transitive, unpinned dependency

Who Is NOT Affected

- You are running version 4.87.0 or earlier
- You did not install or upgrade the telnyx package between 03:51 UTC and 10:13 UTC on March 27
- You are using the Telnyx REST API directly without the Python SDK

How to Check

Run the following command:

    pip show telnyx

If the version shown is 4.87.1 or 4.87.2, treat the environment as compromised.

What to Do If Affected

- Downgrade immediately:

      pip install telnyx==4.87.0

- Rotate all secrets accessible from the affected environment:
  - API keys
  - Database credentials
  - Cloud provider tokens
  - SSH keys
  - Any secrets stored in environment variables or configuration files
- Audit your systems for outbound connections to attacker infrastructure (see IOCs below)
- Review CI/CD pipelines and Docker builds that may have pulled the compromised version

Indicators of Compromise

| Type | Value |
|---|---|
| C2 server | 83.142.209.203:8080 |
| Exfil technique | WAV steganography payload delivery |

Additional IOCs will be published as the investigation confirms them.

What Was NOT Compromised

The Telnyx platform, voice services, messaging infrastructure, networking, SIP, AI inference, and all production APIs were not affected.

The SDK is a client library that wraps public APIs. It has no privileged access to Telnyx infrastructure. No customer data was accessed through this incident.

What We Are Doing

- Malicious versions removed from PyPI
- Investigating how publishing credentials were obtained

Related Incidents

This attack is part of a multi-week supply chain campaign:

- Trivy compromise (March 19, 2026)
- LiteLLM compromise (March 24, 2026)

Questions?

Contact [email protected] if you have questions about this incident or need assistance determining if your environment was affected.

Telnyx disclosed a significant supply chain security incident that occurred on March 27, 2026, impacting the distribution of its Python Software Development Kit (SDK). The core of the matter revolves around the unauthorized publication of two malicious versions, 4.87.1 and 4.87.2, to the Python Package Index (PyPI). These versions contained deliberately inserted code designed to compromise systems utilizing the Telnyx Python SDK. The incident was swiftly contained by Telnyx, with the compromised versions removed from PyPI within approximately six hours of their initial publication.

The severity of this event stems from its categorization as a supply chain attack, highlighting the vulnerability inherent in relying on third-party software components. The broader campaign encompassing Trivy, Checkmarx, and LiteLLM underscores the sophistication and coordinated nature of this malicious activity. Crucially, Telnyx emphasizes that the Telnyx platform itself, its APIs, and underlying infrastructure remained unaffected. The compromise was strictly limited to the distribution channel of the SDK through PyPI.

The potential impact extends to organizations that installed versions 4.87.1 or 4.87.2 of the Telnyx Python SDK without explicitly pinning a specific version. Without a pin, an install or upgrade pulled the compromised code automatically. A critical diagnostic step recommended by Telnyx is running the `pip show telnyx` command; a result of 4.87.1 or 4.87.2 immediately flags the environment as compromised.
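`pip show telnyx` reports only on the environment whose pip is invoked, so a host with several virtualenvs or build contexts needs each one checked. The following Python script is an added example, not part of the Telnyx notice: it walks a directory tree for installed `telnyx` metadata at the affected versions and for requirements files that pin an affected version or leave `telnyx` unpinned. The file-name patterns, function names and the sample tree are assumptions made for illustration.

```python
import re
import tempfile
from email.parser import Parser
from pathlib import Path

AFFECTED = {"4.87.1", "4.87.2"}  # versions named in the notice
# A requirements line for exactly "telnyx"; group 1 is the version specifier, if any.
REQ_RE = re.compile(r"^[ \t]*telnyx(?:\[[^\]]*\])?[ \t]*(?![\w.-])([^#\n]*)", re.I | re.M)
PIN_FILES = ("requirements*.txt", "constraints*.txt")  # assumption: extend as needed


def scan_installed(root):
    """Return (dist-info dir, version) for every affected telnyx install under root."""
    root, hits = Path(root), []
    for meta in root.rglob("*.dist-info/METADATA"):
        msg = Parser().parsestr(meta.read_text(errors="replace"), headersonly=True)
        if (msg.get("Name") or "").lower() == "telnyx" and msg.get("Version") in AFFECTED:
            hits.append((meta.parent.relative_to(root).as_posix(), msg["Version"]))
    return sorted(hits)


def scan_requirements(root):
    """Return (file, finding) for telnyx lines that pin an affected version or are unpinned."""
    root, hits = Path(root), []
    for pattern in PIN_FILES:
        for req in root.rglob(pattern):
            for spec in REQ_RE.findall(req.read_text(errors="replace")):
                pin = re.match(r"==\s*([^\s;\\]+)", spec.strip())
                if pin is None or pin.group(1) in AFFECTED:
                    finding = "affected " + pin.group(1) if pin else "unpinned"
                    hits.append((req.relative_to(root).as_posix(), finding))
    return sorted(hits)


def build_sample_tree(root):
    """Constructed sample tree (not real data); 'telnyx-extras' is a made-up package name."""
    root = Path(root)
    for env, ver in (("app/.venv", "4.87.1"), ("worker/.venv", "4.87.0")):
        d = root / env / "lib/site-packages" / f"telnyx-{ver}.dist-info"
        d.mkdir(parents=True)
        (d / "METADATA").write_text(f"Metadata-Version: 2.1\nName: telnyx\nVersion: {ver}\n")
    (root / "app/requirements.txt").write_text("requests==2.32.3\ntelnyx>=4.0\n")
    (root / "worker/requirements.txt").write_text("telnyx==4.87.2 # pinned\ntelnyx-extras==1.0\n")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan_installed(tmp), scan_requirements(tmp))
```

A hit from either function identifies an environment or build input to handle under the notice's remediation steps; an "unpinned" finding means the file could have resolved to an affected version during the exposure window.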

Immediate remediation involves a forced downgrade to version 4.87.0 or earlier. In addition to the downgrade, affected users are urged to rotate all secrets associated with the compromised environment, including API keys, database credentials, cloud provider tokens, and SSH keys. Security audits should be conducted to identify and isolate any outbound connections to the identified Command and Control (C2) server, 83.142.209.203:8080, and to investigate potential exfiltration attempts, notably through WAV steganography payload delivery.

Telnyx is actively investigating how their publishing credentials were accessed, and is referencing related incidents involving the compromise of Trivy and LiteLLM, indicating a potentially wider, sustained campaign. The organization’s response has focused on swiftly removing the malicious versions from PyPI and is collaborating with relevant authorities. The investigation continues, with additional Indicators of Compromise (IOCs) expected to be released as the scope of the attack is fully understood. It’s important to note that the SDK itself is a client library that wraps public APIs and does not possess privileged access to Telnyx infrastructure. The incident did not result in any access to customer data. For inquiries or assistance in determining if an environment was affected, users are directed to contact [email protected].