Microsoft Probes Compromised Mistral AI PyPI Package Tied to Mini Shai-Hulud Supply Chain Attack

Microsoft has initiated an investigation into a compromised Python package uploaded to the Python Package Index (PyPI) under the Mistral AI branding. Security researchers have confirmed the malicious package, identified as version 2.4.6, is connected to the broader Mini Shai-Hulud supply chain campaign, highlighting the persistent vulnerability of open-source software repositories to weaponized dependencies.

The infected package exhibited geolocation-based execution logic that actively prevented its malicious payload from running on systems configured with Russian language settings. When certain geographic conditions were met, however, the malware could activate a destructive payload. This conditional execution design suggests the threat actors behind Mini Shai-Hulud employed deliberate regional targeting to reduce exposure during development and testing phases while preserving full functionality in their intended operating environment.

This compromise adds to an escalating pattern of supply chain intrusions targeting the Python ecosystem. The Mini Shai-Hulud campaign has previously compromised multiple libraries, exploiting developer trust in community-contributed packages. Microsoft researchers note the geographic execution gating represents a tactical refinement over simpler malware, allowing threat actors to evade sandbox analysis and maintain operational security longer. Developers using Mistral AI libraries or related packages are urged to audit their dependencies, verify package signatures, and monitor for anomalous network activity. Microsoft indicated its investigation remains active, with further technical details expected as analysis progresses.

Confidence: 78