Telnyx

Telnyx Python SDK: Supply Chain Security Notice

Unauthorized versions of the Telnyx Python SDK were briefly published to PyPI as part of a broader supply chain attack. Learn which versions were affected, who is impacted, and the steps to secure your environment.

By Telnyx Team

Summary

On March 27, 2026 at 03:51:28 UTC, two unauthorized versions of the Telnyx Python SDK were published to PyPI: versions 4.87.1 and 4.87.2. Both versions contained malicious code. Both were quarantined by 10:13 UTC the same day.

This incident is part of a broader supply chain campaign that has also affected Trivy, Checkmarx, and LiteLLM.

The Telnyx platform, APIs, and infrastructure were not compromised. This incident was limited to the PyPI distribution channel for the Python SDK.

Affected Versions

Version          Published
telnyx==4.87.1   03:51:28 UTC, March 27, 2026
telnyx==4.87.2   Shortly after

Both versions have been removed from PyPI.

Who Is Affected

You may be affected if:

  • You installed or upgraded the telnyx Python package between 03:51 UTC and 10:13 UTC on March 27, 2026
  • You ran pip install telnyx without pinning a version and received 4.87.1 or 4.87.2
  • A dependency in your project pulled in telnyx as a transitive, unpinned dependency

Who Is NOT Affected

  • You are running version 4.87.0 or earlier
  • You did not install or upgrade the telnyx package between 03:51 UTC and 10:13 UTC on March 27
  • You are using the Telnyx REST API directly without the Python SDK

How to Check

Run the following command:

pip show telnyx

If the version shown is 4.87.1 or 4.87.2, treat the environment as compromised.

What to Do If Affected

  1. Downgrade immediately:

     pip install telnyx==4.87.0

  2. Rotate all secrets accessible from the affected environment:

    • API keys
    • Database credentials
    • Cloud provider tokens
    • SSH keys
    • Any secrets stored in environment variables or configuration files
  3. Audit your systems for outbound connections to attacker infrastructure (see IOCs below)
  4. Review CI/CD pipelines and Docker builds that may have pulled the compromised version

Indicators of Compromise

Type              Value
C2 server         83.142.209.203:8080
Exfil technique   WAV steganography payload delivery

Additional IOCs will be published as the investigation confirms them.
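
An added example (not Telnyx's code) for the audit and pipeline-review steps above: `pip show` reports only what is installed in the current environment, so this sweep walks a directory tree such as a CI workspace or an unpacked image for installed copies of the two affected versions, pins or pip install lines that name them, and log lines containing the C2 address listed above. The function names and the file-suffix list are assumptions of this example.

```python
import os
import re
import sys

C2_IP = "83.142.209.203"  # C2 address from this notice
C2_RE = re.compile(r"(?<![\d.])" + re.escape(C2_IP) + r"(?!\d)")
# Matches telnyx==4.87.1 (requirements, pip freeze) and telnyx-4.87.2
# (dist-info directory, wheel filename, pip's "Successfully installed" line).
AFFECTED_RE = re.compile(
    r"(?<![\w.-])telnyx(?:==|-)(4\.87\.[12])(?![0-9a-z]|\.\d)", re.IGNORECASE)
# Assumption: which files are worth reading as text; extend for your estate.
TEXT_SUFFIXES = (".txt", ".log", ".toml", ".cfg")


def scan_text(text):
    """Return (kind, line_number, value) hits found in one block of text."""
    hits = []
    for number, line in enumerate(text.splitlines(), start=1):
        for match in AFFECTED_RE.finditer(line):
            hits.append(("affected-version", number, match.group(1)))
        if C2_RE.search(line):
            hits.append(("c2-address", number, C2_IP))
    return hits


def scan_tree(root):
    """Return sorted (kind, path, line_number, value) findings under root."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames:  # site-packages/telnyx-<version>.dist-info
            match = AFFECTED_RE.match(name)
            if match and name.endswith(".dist-info"):
                path = os.path.join(dirpath, name)
                findings.append(("installed", path, 0, match.group(1)))
        for name in filenames:
            if not name.endswith(TEXT_SUFFIXES):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="replace") as handle:
                    hits = scan_text(handle.read())
            except OSError:
                continue  # unreadable file: skip it rather than abort the sweep
            findings += [(kind, path, n, value) for kind, n, value in hits]
    return sorted(findings)


if __name__ == "__main__":
    for finding in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(*finding, sep="\t")
```

Lock formats that keep the package name and version on separate lines, such as poetry.lock, are not matched by this pattern and need their own check.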

What Was NOT Compromised

The Telnyx platform, voice services, messaging infrastructure, networking, SIP, AI inference, and all production APIs were not affected.

The SDK is a client library that wraps public APIs. It has no privileged access to Telnyx infrastructure. No customer data was accessed through this incident.

What We Are Doing

  • Malicious versions removed from PyPI
  • Investigating how publishing credentials were obtained

This attack is part of a multi-week supply chain campaign:

Questions?

Contact [email protected] if you have questions about this incident or need assistance determining if your environment was affected.
