Advertisement
SU
HIGH
Supply Chain
PyPI Supply Chain Threat: Deceptive Packages Target Developers
Analysis of malicious Python packages such as cryptography-util using deceptive naming to exfiltrate Discord tokens and system metadata via webhooks.
Runtime Rebel Intel
3 min read·May 11, 2026
SU
HIGH
Supply Chain
Malicious PyPI Package elementary-data Hijacked for Infostealer
High-profile supply chain attack on the elementary-data PyPI package compromises developer credentials and crypto wallets via account takeover. Patch now.
Runtime Rebel Intel
4 min read·Apr 27, 2026
SU
HIGH
Supply Chain
Backdoored Telnyx PyPI Package Uses Steganography to Deliver Malware
Security researchers discovered malicious versions of the Telnyx PyPI package delivering infostealers via steganography hidden in WAV audio files.
Runtime Rebel Intel
3 min read·Mar 28, 2026
HIGH
Supply Chain
Telnyx PyPI Package Compromised by TeamPCP via Steganography
TeamPCP threat actors distributed malicious Telnyx Python package versions 4.87.1 and 4.87.2 on PyPI to harvest credentials using hidden WAV files.
Runtime Rebel Intel
3 min read·Mar 27, 2026