high · Supply chain

AGS-2026-0005

Telnyx PyPI versions 4.87.1/4.87.2 hide credential stealer inside a WAV file (March 27, 2026)

What happened

On March 27, 2026, TeamPCP pushed telnyx==4.87.1 and 4.87.2 to PyPI with credential-harvesting capability concealed inside an audio steganography payload (WAV file). The package extracts and runs the stealer in-memory on Linux and macOS.

Chain

1. Install pulls in a WAV file disguised as a test asset.
2. Post-install script decodes embedded shellcode from the WAV LSB.
3. In-memory execution of the harvester (no on-disk binary).
4. AES-encrypted exfiltration to a collector domain.

Self-check

AgentGuard subscribers receive this advisory automatically and their local guard runs the inspection below.
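A local exposure check for the two versions named above, as an added example (not AgentGuard's inspection and not code from this advisory). It assumes requirements-style pin files; the sample input, including the hypothetical `telnyx-helper` package, is constructed.

```python
import re
from importlib import metadata

AFFECTED = {"4.87.1", "4.87.2"}  # versions named in this advisory

# Matches requirements-style pins such as "telnyx==4.87.1" or "Telnyx[x] == 4.87.2".
PIN_RE = re.compile(r"^\s*telnyx(?:\[[^\]]*\])?\s*==\s*([0-9][^\s;#\\]*)", re.I)

# Constructed sample input; the other packages and the hash are placeholders.
SAMPLE_REQUIREMENTS = """\
requests==2.31.0
telnyx==4.87.1 \\
    --hash=sha256:<placeholder>
Telnyx == 4.87.2  # pinned by CI
telnyx==4.87.0
telnyx-helper==4.87.1
"""

def affected_pins(requirements_text):
    """Return (line_number, version) for each telnyx pin on an affected version."""
    hits = []
    for number, line in enumerate(requirements_text.splitlines(), 1):
        match = PIN_RE.match(line)
        if match and match.group(1) in AFFECTED:
            hits.append((number, match.group(1)))
    return hits

def installed_status(dist_name="telnyx"):
    """Read installed metadata only; the package itself is never imported."""
    try:
        dist = metadata.distribution(dist_name)
    except metadata.PackageNotFoundError:
        return {"installed": False, "affected": False, "wav_files": []}
    # WAV files listed in the distribution's file record (step 1 of the chain).
    wavs = [str(f) for f in (dist.files or []) if str(f).lower().endswith(".wav")]
    return {"installed": True, "version": dist.version,
            "affected": dist.version in AFFECTED, "wav_files": wavs}

if __name__ == "__main__":
    print("affected pins:", affected_pins(SAMPLE_REQUIREMENTS))
    print("environment:", installed_status())
```

An affected version in either result means the install chain above may have run on that host.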

References