Back

Microsoft Alerts on Compromised MistralAI PyPI Package with Malware

Severity: High (Score: 69.0)

Sources: Gbhackers, Cybersecuritynews

Summary

Microsoft has issued a warning regarding the MistralAI Python package on PyPI, specifically version 2.4.6, which has been compromised to deploy a credential-stealing payload on Linux systems. This backdoor executes automatically when the package is imported, affecting developers who utilize this library. The malicious code poses a serious risk to developers and organizations globally, as it targets anyone who installed or updated the package. The incident is part of a broader trend of AI supply-chain attacks, raising concerns about the security of widely used software libraries. The current status indicates that the package has been pulled from PyPI to mitigate further risks. Key Points: • Version 2.4.6 of the MistralAI package was backdoored to deploy malware. • The malicious code executes automatically upon importing the package. • Developers and organizations using this package are at significant risk.

Key Entities

  • Supply Chain Attack (attack_type)
  • MistralAI (company)
  • T1059 - Command and Scripting Interpreter (mitre_attack)
  • T1195 - Supply Chain Compromise (mitre_attack)
  • Linux (platform)
  • PyPI (platform)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed