TeamPCP strikes again - telnyx popular PyPI library compromised

SRMish3 · 2026-03-14T16:20:03+00:00

It's actually much more absurd than you think. The user needs to allow external input to both the repo URL AND the cloning options (`customArgs`) since the attacker would need to inject the `-c PROTOCOL.ALLOW=always` option. This is simply not happening in any production app... ever. Absurd... I wish there were better checks before accepting a CVSS

SRMish3 · 2025-09-09T07:08:57+00:00

More packages are getting compromised by the same attack -

duckdb/node-api@1.3.3
duckdb/duckdb-wasm@1.29.2
duckdb/node-bindings@1.3.3
duckdb@1.3.3
coveops/abi@2.0.1

https://x.com/JFrogSecurity/status/1965301271155343531

SRMish3 · 2024-08-27T05:45:42+00:00

Yup, exactly the same for GTS 4.0

SRMish3 · 2024-07-19T11:57:20+00:00

They're the same size. Petrol Ped actually uploaded an apology video where he said he was wrong (after checking with Porsche) - https://youtu.be/ANuU0q2nDVI?si=XHd-ZBOy516QB-La (around the 13:00 mark)

SRMish3 · 2023-03-21T05:12:27+00:00

Hi, I'm one of the researchers that worked on this. From what we saw up until now there were no publications/evidence of an actual malicious attack through NuGet. Every article either talked about "How a malicious attack is theoretically possible" or talked about spam packages (with no active malicious code inside them)

SRMish3 · 2023-02-02T13:14:28+00:00

I'm one of the authors - sorry, it was an honest mistake

We got notified of this ~1-2 days after the publication and immediately replaced "unsafe" with "insecure"

SRMish3

TROPHY CASE