Supply chain compromise in mistralai Python package
github.comI use mistralai and their API is quite good. Luckily I like to pin the versions and upgrade manually a little bit later just in case of this kind of unfortunate events.
Have version lock as well, but dependency resolution seems to be messed up for a time. Started unrelated upgrade action and got blocked :)
This appears to be part of the same Mini Shai-Hulud campaign affecting Tanstack Router https://www.securityweek.com/tanstack-mistral-ai-uipath-hit-...