Microsoft: Mistral AI software download package was infected with malicious code that stole developer credentials.

CoinFeed reported on May 14th that, according to Decrypt, Microsoft's threat intelligence team stated that attackers have implanted malicious code into a software package distributed by Mistral AI via PyPI. When developers use the software on Linux systems, the malicious code automatically runs, downloading a malicious file named `transformers.pyz` from a remote server and executing it in the background. This filename deliberately mimics the widely used Hugging Face Transformers library. Microsoft stated that the malware primarily steals developers' login information and access tokens, avoids Russian-language systems, and may randomly delete files on some systems located in Israel or Iran. This attack is related to the "Shai-Hulud" malware supply chain attack that began in September.