**Mistral AI**, a French artificial intelligence company known for its open-weight large language models (LLMs), has confirmed a security breach following the **Mini Shai-Hulud** software supply-chain attack. The incident, which initially targeted **TanStack** packages, has now impacted **Mistral AI**, leading to a potential source code leak. ### Compromised Codebase According to **Mistral AI**, the breach originated from a compromise of official packages from **TanStack** and **Mistral AI** through stolen CI/CD credentials and legitimate workflows. This attack subsequently spread to numerous other software projects on the npm and PyPI registries, including **UiPath**, **Guardrails AI**, and **OpenSearch**. "They [the hackers] contaminated some of our SDK packages for a brief period,” the company stated. ### TeamPCP's Demands **TeamPCP** claims to have exfiltrated nearly 5 gigabytes of internal repositories and source code crucial for **Mistral**'s training, fine-tuning, benchmarking, model delivery, and inference processes. The hackers are demanding $25,000 for the data, threatening to release it publicly if a buyer is not found within a week. "We are looking for $25k BIN or they can pay this and we will shred these permanently, only selling to the best offer and limited to one person, if we cannot find a buyer within a week we will leak all of these for free to the forums," the hackers announced.  **TeamPCP hackers offering to sell Mistral AI data** *source: KELA* ### Mistral AI's Response **Mistral AI** has acknowledged that **TeamPCP** managed to compromise some of its software development kit (SDK) packages. In a recent advisory, the company attributed the breach to a developer device being affected by the **TanStack** supply-chain attack. However, **Mistral** asserts that their forensic investigation indicates that the compromised data was not part of the core code repositories. "Neither our hosted services, managed user data, nor any of our research and testing environments were compromised,” **Mistral** clarified. ### OpenAI Also Impacted In related news, **OpenAI** has also confirmed that the **TanStack** supply-chain attack impacted systems belonging to two of its employees who had access to “a limited subset of internal source code repositories.” A small set of credentials was stolen, but there is no evidence of further exploitation. **OpenAI** has since rotated the code-signing certificates compromised in the incident and has urged macOS users to update their **OpenAI** desktop apps before June 12 to avoid service disruptions. ## The Validation Gap: Automated Pentesting Answers One Question. You Need Six. Automated pentesting tools deliver real value, but they were built to answer one question: can an attacker move through the network? They were not built to test whether your controls block threats, your detection rules fire, or your cloud configs hold. This guide covers the 6 surfaces you actually need to validate. Download Now