SlowMist
@SlowMist_Team
SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.
Joined April 2018
405 Following    88.5K
🚨Analysis of the Supply Chain Poisoning Attack on the Official Mistral AI SDK 🚨

SlowMist’s MistEye threat monitoring system has identified a malicious version of the official Mistral AI Python SDK: mistralai==2.4.6. Unlike typical typosquatting attacks, this was not a fake package. The malicious code was injected directly into the official SDK release pipeline.

🔍 Key Findings
• Malicious code hidden in the SDK import entry point
• Silent download of a remote payload disguised as transformers.pyz
• Theft of cloud credentials, SSH keys, CI/CD tokens, password manager data, Kubernetes Secrets, and more
• 1/6 probability of triggering rm -rf /* on systems associated with Israel or Iran
• Strong attribution links to the previously disclosed Shai-Hulud supply chain attack framework through the same 4096-bit RSA public key

Our analysis reconstructs the full attack chain, persistence mechanisms, encrypted exfiltration workflow, and the correlation between the Python and TypeScript attack frameworks.

Full article👇
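A defender-side check for the two indicators the post names, the mistralai==2.4.6 pin and the transformers.pyz file name, as an added example that is not SlowMist's code. The function names, verdict labels and sample requirements text are constructed for illustration, and since the post does not say where the payload is written, the search root is the caller's choice.

```python
import re
from importlib import metadata
from pathlib import Path

BAD_NAME, BAD_VERSION = "mistralai", "2.4.6"  # package and version from the post
PAYLOAD_NAME = "transformers.pyz"              # payload file name from the post
REQ = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(?:\[[^\]]*\])?\s*([^;]*)")
EXACT = re.compile(r"===?([^,*]+)")            # a single == / === pin, no wildcard

def normalize(name):
    """PEP 503 normalisation, so 'MistralAI' compares equal to 'mistralai'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def scan_requirements(text):
    """Return (line_no, verdict) for every mistralai line in requirements-style text.
    'unpinned' means a range or bare name that may have resolved to the bad release."""
    hits = []
    for no, raw in enumerate(text.splitlines(), 1):
        m = REQ.match(raw.split("#", 1)[0].strip())
        if not m or normalize(m.group(1)) != BAD_NAME:
            continue
        # drop pip options such as --hash, line continuations and inner spaces
        spec = m.group(2).split(" --")[0].rstrip("\\ ").replace(" ", "")
        pin = EXACT.fullmatch(spec)
        exact = "pinned-bad" if pin and pin.group(1) == BAD_VERSION else "pinned-other"
        hits.append((no, "unpinned" if pin is None else exact))
    return hits

def installed_is_bad():
    """True if this interpreter's environment has mistralai 2.4.6 installed."""
    try:
        return metadata.version(BAD_NAME) == BAD_VERSION
    except metadata.PackageNotFoundError:
        return False

def find_payload(root):
    """Files under root named like the payload; a name match is a triage lead, not proof."""
    return sorted(str(p) for p in Path(root).rglob(PAYLOAD_NAME) if p.is_file())

# Constructed requirements file for the example (not taken from the post).
SAMPLE = """\
requests==2.32.3
MistralAI[gcp] == 2.4.6 ; python_version >= "3.9"
mistralai>=2.0,<3
mistralai==2.4.5 --hash=sha256:0000
"""
if __name__ == "__main__":
    print(scan_requirements(SAMPLE), installed_is_bad(), find_payload("."))
```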