TeamPCP Supply Chain Campaign: Update 002 - Telnyx PyPI Compromise, Vect Ransomware Mass Affiliate Program, and First Named Victim Claim, (Fri, Mar 27th)

The TeamPCP supply chain campaign has compromised the Telnyx Python SDK on PyPI, affecting over 670,000 monthly downloads, by publishing malicious versions 4.87.1 and 4.87.2 on March 27, 2026, at 03:51 UTC¹. This update is part of an ongoing threat intelligence report, highlighting the campaign's evolving tactics, techniques, and procedures, including the use of WAV steganography. The compromise of the Telnyx Python SDK is a significant development, as it demonstrates the campaign's ability to target widely-used software components. The absence of corresponding GitHub releases or tags suggests a sophisticated attack. This incident underscores the importance of operational resilience planning, particularly in sectors that are vulnerable to ransomware attacks. The campaign's ability to compromise a widely-used SDK has significant implications for organizations that rely on the affected software, so what matters most to practitioners is the need to reassess their supply chain risk management strategies to mitigate potential attacks.