Microsoft · Mistral · Open Source · Decrypt
Hackers Insert Malware Into Mistral AI Software Download
Compiled by KHAO Editorial — aggregated from 2 sources. See llms.txt for citation guidance.
✓ KHAO Verified
Microsoft Threat Intelligence said Monday that attackers inserted malicious code into a Mistral AI software package distributed through PyPI, a popular platform developers use to download Python software tools.
Key facts
- In September, Ledger CTO Charles Guillemet warned that hackers had compromised widely used NPM packages in an attack that could redirect crypto transactions and steal funds
- The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments,” Microsoft wrote
- Node Package Manager or NPM is one of the world’s largest software download platforms for JavaScript developers
- On Tuesday, Mistral said on its website that it was impacted by a supply-chain attack tied to the broader TanStack security incident
Summary
Microsoft said attackers compromised a Mistral AI software download used by developers. In a post on X, Microsoft said the malicious code automatically ran when developers used the software on Linux systems. “The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments,” Microsoft wrote. The company said the malware primarily worked as a credential stealer capable of collecting developer login information and access tokens.