SlowMist
SlowMist|5月 16, 2026 10:43
🚨Analysis of the Supply Chain Poisoning Attack on the Official Mistral AI SDK 🚨 SlowMist’s MistEye threat monitoring system has identified a malicious version of the official Mistral AI Python SDK: mistralai==2.4.6. Unlike typical typosquatting attacks, this was not a fake package. The malicious code was injected directly into the official SDK release pipeline. 🔍 Key Findings • Malicious code hidden in the SDK import entry point • Silent download of a remote payload disguised as transformers.pyz • Theft of cloud credentials, SSH keys, CI/CD tokens, password manager data, Kubernetes Secrets, and more • 1/6 probability of triggering rm -rf /* on systems associated with Israel or Iran • Strong attribution links to the previously disclosed Shai-Hulud supply chain attack framework through the same 4096-bit RSA public key Our analysis reconstructs the full attack chain, persistence mechanisms, encrypted exfiltration workflow, and the correlation between the Python and TypeScript attack frameworks. Full article👇 https://slowmist.medium.com/threat-intelligence-analysis-of-the-supply-chain-poisoning-attack-on-the-official-mistral-ai-sdk-98803747a5fa(SlowMist)
+3
Mentioned
Share To

Timeline

HotFlash

APP

X

Telegram

Facebook

Reddit

CopyLink

Hot Reads