Hackers have planted malware in Mistral AI software download packages

Microsoft Threat Intelligence reported that hackers have embedded malicious code into Mistral AI packages distributed via PyPI. The code automatically runs on Linux systems, downloading a malicious file named transformers.pyz from a remote server and launching it in the background. This malware primarily functions as a credential stealer, collecting developers' login information and access tokens.

Mistral stated that, due to the TanStack security incident, one developer device was compromised, and there is currently no evidence indicating that Mistral's infrastructure has been breached.