Y
Hacker News
new
|
ask
|
show
|
jobs
Supply chain compromise in mistralai Python package
(
github.com
)
6 points
by
meander_water
36 days ago
2 comments
evilmonkey19
36 days ago
I use mistralai and their API is quite good. Luckily I like to pin the versions and upgrade manually a little bit later just in case of this kind of unfortunate events.
link
ilvez
36 days ago
Have version lock as well, but dependency resolution seems to be messed up for a time. Started unrelated upgrade action and got blocked :)
link
meander_water
36 days ago
This appears to be part of the same Mini Shai-Hulud campaign affecting Tanstack Router
https://www.securityweek.com/tanstack-mistral-ai-uipath-hit-...
link