Catching the LiteLLM and Telnyx supply chain zero-days via semantic analysis (point-wild.github.io)
The tl;dr is that traditional scanners are looking for signatures, while the attackers are weaponizing context. By hiding an executable payload inside mathematically valid .wav audio frames, TeamPCP ensured that content filters and CVE databases waved the Telnyx payload right through.
We spent the weekend building an open-source CLI (wtmp) to hunt for this exact behavior. Instead of asking "Is this package on a blacklist?", it maps your Node/Python dependency graph and uses a LangGraph process to actually read the code. It asks things like: "Why is a telephony SDK running an XOR decryption loop on an audio file and piping it to a shell?"
The reality check: Because it relies on LLMs to infer intent, expect false positives. It is not a deterministic CI/CD blocker; it’s a flashlight to help you triage your blast radius during an active crisis like today.
I’ll be hanging out in the comments. I’d love for you to read the write-up, test the CLI against your local trees, and absolutely tear apart our prompt architecture and logic.
4 comments
[ 1.8 ms ] story [ 25.5 ms ] thread""" The tool will:
"""The semantic/behavioral analysis we built to hunt for these Telnyx/LiteLLM zero-days is a new module we just pushed this weekend. You trigger it using the --supply-chain flag (which requires an Anthropic API key).
When run with that flag, it moves past the OSV database and runs the LangGraph intent analysis on the actual dependency code. I'll get the landing page updated today to make the --supply-chain flag and LLM capabilities more prominent.
In our experience with LLM-based code analysis, the signal-to-noise ratio is the thing that determines whether teams actually use the tool or just forget about it after a week.