Also, EU probes Snapchat, RedLine suspect extradited, AstraZeneca leak claim surfaces, and more
theregister.co.uk
Infosec in brief: The cybercrime crew linked to the Trivy supply-chain attack has struck again, this time pushing malicious Telnyx package versions to PyPI in an effort to plant credential-stealing malware on developers’ systems.
Ox Security warned on Friday that TeamPCP - the group researchers link to the recent compromise of open-source vulnerability scanner Trivy, which led to malicious LiteLLM packages appearing on PyPI - is back, this time with another compromise of a legitimate software package.
In this case, the crew hit Telnyx, which offers VoIP services and AI voice agents. TeamPCP appears to have compromised the PyPI distribution of Telnyx’s Python SDK, replacing current package versions with malicious releases loaded with a multi-stage infostealer and persistence mechanisms. According to Ox, the malware added to the package is similar to the malicious code added to LiteLLM.
According to Ox, the Telnyx malware's main difference from the LiteLLM package is ...
Copyright of this story solely belongs to theregister.co.uk.

