Malware And CampaignsCampaign

TeamPCP Telnyx SDK supply chain attack using WAV files to smuggle credential stealers

April 4, 2026Trend Micro Research

Trend Micro Research says TeamPCP used valid WAV audio files as malware containers to deliver credential stealers in the Telnyx SDK attack, reinforcing that nontraditional file formats can be weaponized in supply chain compromises.

Open in PulseSee the full expert discussion →

QUOTES

Audio files as malware containers are no longer theoretical.

TeamPCP, a cloud-focused threat actor group, used valid WAV files to smuggle credential stealers in the Telnyx SDK attack.

Supply chain risk is not slowing down. The Telnyx attack tied to cybercriminal group TeamPCP highlights why dependency pinning and CI/CD visibility are no longer optional.

VOICES

Trend Micro Research

RELATED TERMS

supply chainmalicious softwarecredentials storedsupply chaincredentials stored

OTHER FINDINGS IN MALWARE AND CAMPAIGNS

Axios npm package compromise, WAVESHAPER.V2 cross platform RAT Handala Hack Telegram threat claiming imminent Lockheed Martin data leak Telnyx PyPI compromise (TeamPCP) shipping malware in telnyx 4.87.1/4.87.2

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security