← Back to Blog
Security Briefing 9 min read March 29, 2026

TeamPCP Hides Stealer in WAV Files via Telnyx PyPI, Fake VS Code Alerts Target GitHub Devs, RedLine Admin Extradited, FBI Director Account Breach Claimed

Supply chain attackers TeamPCP evolve their tactics by hiding credential stealers inside WAV audio files on PyPI. A massive GitHub campaign uses fake VS Code security alerts to distribute malware to developers. The alleged RedLine infostealer administrator is extradited to the US. Pro-Iranian hackers claim they breached FBI Director Kash Patel's personal account. Plus: RSAC 2026 Conference highlights and Google sets a 2029 quantum-readiness deadline.


🎵 TeamPCP Supply Chain Attack: Credential Stealers Hidden in WAV Files

🔴 CRITICAL — Active Supply Chain Attack on PyPI

If you use the telnyx Python package, downgrade immediately to version 4.87.0. Versions 4.87.1 and 4.87.2 are compromised. The PyPI project is currently quarantined.

The threat actor TeamPCP — already responsible for supply chain attacks against Trivy, KICS, and litellm — has compromised the Telnyx Python SDK on PyPI, pushing two malicious versions that hide credential-stealing payloads inside .WAV audio files using steganography.

How the Attack Works

The malicious code is injected into telnyx/_client.py, activating the moment the package is imported. The attack uses a sophisticated three-stage chain:

Platform-Specific Behavior

PlatformWAV FilePersistence Method
Windowshangup.wavDrops executable as msbuild.exe in Startup folder
Linux/macOSringtone.wavExtracts and runs collector script in self-destructing temp directory

The entire chain operates within a self-destructing temporary directory and leaves near-zero forensic artifacts on the host. Multiple security firms including Aikido, Endor Labs, JFrog, Socket, and StepSecurity have published independent analyses confirming the attack.

Why WAV steganography? Unlike raw executables or base64 blobs — which are trivially flagged by network inspection and EDR — wrapping payloads inside audio files evades most detection systems. This is the same technique TeamPCP used in the litellm compromise, now evolved to fetch payloads remotely instead of embedding them inline.


⚠️ Fake VS Code Security Alerts on GitHub Spread Malware to Developers

A large-scale, coordinated campaign is targeting developers across GitHub with fake Visual Studio Code security alerts posted in the Discussions section of thousands of repositories. Application security company Socket identified the operation as well-organized and automated rather than opportunistic.

Attack Mechanics

The threat actors create posts with realistic titles like "Severe Vulnerability — Immediate Update Required" that include fake CVE IDs and urgent language. In many cases, they impersonate real code maintainers or security researchers for legitimacy.

⚠️ Developer Advisory

Always verify vulnerability identifiers via authoritative sources (NVD, CISA KEV catalog, MITRE CVE). Be suspicious of external download links, unverifiable CVEs, and mass tagging of unrelated users. Legitimate VS Code extensions are distributed through the official marketplace, never via Google Drive.


🏛️ Pro-Iranian Hackers Claim FBI Director Kash Patel Account Breach

A pro-Iranian hacking group has claimed responsibility for breaching FBI Director Kash Patel's personal account, announcing they are making emails and other documents from his account available for download.

This incident, if confirmed, would represent a significant escalation in foreign influence operations targeting senior US government officials. The compromise of a personal (non-government) account highlights the persistent risk that even the highest-ranking security officials face from targeted attacks on their personal digital footprint.

Context: This follows a pattern of state-aligned groups targeting personal accounts of government officials, which often contain sensitive communications that bypass official secure channels. The claim comes at a time of heightened US-Iran tensions and increased cyber operations from Iranian-affiliated groups.


⚖️ Alleged RedLine Malware Administrator Extradited to the United States

Hambardzum Minasyan of Armenia has been extradited to the United States, accused of involvement in the development and administration of RedLine, one of the most prolific infostealer malware families of recent years.

RedLine has been responsible for stealing millions of credentials, financial data, and cryptocurrency wallet information from victims worldwide. The malware has been sold as a Malware-as-a-Service (MaaS) offering, making it accessible to a broad range of cybercriminals.

Why This Matters


📰 Rapid Roundup

RSAC 2026 Conference — Days 3-4 Highlights

The RSAC 2026 Conference continues with major vendor announcements across the cybersecurity landscape. Key themes include AI-powered security operations, zero trust architecture evolution, and the convergence of cloud-native security platforms. The conference reflects the industry's accelerating shift toward autonomous security capabilities and integrated risk management.

Google Sets 2029 Quantum Deadline

Google has set 2029 as the target year for organizations to be quantum-ready, signaling urgency in post-quantum cryptography migration. Organizations should begin auditing cryptographic dependencies and planning migration to quantum-resistant algorithms now — the transition will take years, not months.

Palo Alto Recruiter Scam

Threat actors are impersonating Palo Alto Networks recruiters in social engineering campaigns, leveraging the company's brand recognition to target cybersecurity professionals. A reminder that security practitioners are themselves high-value targets.

Anti-Deepfake Chip Development

New hardware-level approaches to combating deepfakes are emerging, with chip-based solutions that can verify content authenticity at the hardware level — a promising development as AI-generated media becomes increasingly indistinguishable from real content.


🛡️ Recommended Actions

PriorityActionDetails
CRITICALAudit PyPI dependenciesCheck for Telnyx 4.87.1/4.87.2 — downgrade to 4.87.0 immediately. Scan for TeamPCP IOCs across all Python projects.
CRITICALAlert development teamsWarn about fake VS Code security alerts on GitHub Discussions. Verify all security advisories through official channels only.
HIGHReview supply chain securityImplement package pinning, hash verification, and automated dependency scanning. Consider using lockfiles and verifying package signatures.
HIGHMonitor RedLine IOCsWhile the admin's extradition is positive, RedLine infrastructure may still be active. Continue monitoring for RedLine-associated credential dumps.
MEDIUMBegin quantum migration planningWith Google's 2029 deadline, start inventorying cryptographic assets and planning post-quantum transitions.

Protect Your Software Supply Chain

KENSAI continuously monitors your dependencies for malicious packages, compromised libraries, and supply chain attacks — before they reach production.

Run a Free Security Scan →

KENSAI Security Briefing — Evening Edition, March 29, 2026

Stay vigilant. Stay patched. Stay ahead.

Related Articles

Smart Slider WordPressの脆弱性が80万サイトを危険に晒す、LangChain AIフレームワーク三重脆弱性が機密を漏洩、TeamPCP T SentinelOne cartographie une chaîne d'intrusion en 8 phases, le SANS signale l'I CVE-2024-21413: Microsoft Outlook Critical RCE — MonikerLink Attack