r/programming

TeamPCP strikes again - telnyx 4.87.1 and...

Same actor, same RSA key, same `tpcp.tar.gz` exfiltration header as the litellm compromise last week. This time they injected into `telnyx/_client.py` - triggers on `import telnyx`, no user interaction needed. New trick: payload is hidden inside WAV audio files using steganography to bypass network inspection. On Linux/macOS: steals credentials, encrypts with AES-256 + RSA-4096, exfiltrates to their C2. On Windows: drops a persistent binary in the Startup folder named `msbuild.exe`. They even p
266
49
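A defender-side check based on the post above, added here as an example (not code from the post or from any project it names): it reads installed-package metadata without importing `telnyx`, since the post says the payload fires on import, and looks for the `msbuild.exe` name the post reports in the Windows Startup folder. The function names are hypothetical, only version 4.87.1 is listed because the title is truncated, and the Startup path used is the standard per-user location.

```python
import os
import sys
from importlib import metadata
from pathlib import Path

# Versions named on this page. The post title is truncated ("4.87.1 and..."),
# so this set is known to be incomplete; extend it from the full advisory.
FLAGGED = {"telnyx": {"4.87.1"}}
STARTUP_NAME = "msbuild.exe"  # file name the post reports in the Startup folder


def flagged_distributions(search_paths=None, flagged=FLAGGED):
    """Return [(name, version, location)] for flagged installs.

    Only *.dist-info / *.egg-info metadata is read. The package is never
    imported, because the post says the payload runs on `import telnyx`.
    """
    paths = [str(p) for p in (sys.path if search_paths is None else search_paths)]
    hits = []
    for dist in metadata.distributions(path=paths):
        try:
            name = (dist.metadata["Name"] or "").lower()
            version = dist.version
        except Exception:
            continue  # broken or partial metadata directory: skip it
        if version in flagged.get(name, ()):
            hits.append((name, version, str(dist.locate_file(""))))
    return hits


def startup_hits(startup_dir):
    """Return files named msbuild.exe (case-insensitive) in a Startup folder."""
    folder = Path(startup_dir)
    if not folder.is_dir():
        return []
    return sorted(str(p) for p in folder.iterdir()
                  if p.is_file() and p.name.lower() == STARTUP_NAME)


if __name__ == "__main__":
    for name, version, location in flagged_distributions():
        print(f"flagged install: {name} {version} in {location}")
    appdata = os.environ.get("APPDATA")  # set on Windows only
    if appdata:
        startup = Path(appdata) / "Microsoft/Windows/Start Menu/Programs/Startup"
        for path in startup_hits(startup):
            print(f"review Startup entry: {path}")
```

Run it with each interpreter or virtual environment that might have the package installed, since every environment has its own `sys.path`.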

2 comments

techfan421h ago

This is a really insightful piece. The data backs up what I've been seeing in the industry.

devops_sam45m ago

Agreed. Would love to see a follow-up with more recent numbers.

curious_reader2h ago

I'm not sure the conclusion holds for smaller teams. Would be interesting to see this broken down by company size.
