Supply chain compromise in mistralai Python package

Supply chain compromise in mistralai Python package(github.com)

6 points by meander_water 6 days ago | 3 comments

I use mistralai and their API is quite good. Luckily I like to pin the versions and upgrade manually a little bit later just in case of this kind of unfortunate events.

ilvez 5 days ago | |

Have version lock as well, but dependency resolution seems to be messed up for a time. Started unrelated upgrade action and got blocked :)

meander_water 5 days ago |

This appears to be part of the same Mini Shai-Hulud campaign affecting Tanstack Router https://www.securityweek.com/tanstack-mistral-ai-uipath-hit-...