>Microsoft is investigating mistralai PyPI package v2.4.6 compromise. Attackers injected code in mistralai/client/__init__.py that executes on import, downloads hxxps://83[.]142[.]209[.]194/transformers.pyz to /tmp/transformers.pyz, and launches a second-stage payload on Linux. The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments. >The main payload is a credential stealer, but it also includes country-aware logic; it avoids Russian-language environments and contains a geo fenced destructive branch that has 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran.>To mitigate this threat: isolate affected Linux hosts, block 83[.]142[.]209[.]194, hunt for /tmp/transformers.pyz, pgmonitor[.]py, and pgsql-monitor.service, and rotate exposed credentials.>has 1-in-6 chance of executing rm -rf / when the system appears to be in Israel or Iran.lol
"No Russian"
>Release a 7b model way better than everything else available at the moment>Release a MoE model that changes everything once more>Do nothing else. Let others catch up. Still do nothing. Two years later brand their chatbot as a cat because of LeFrench lol.Mistral could be on top of the world right now.>>108809422>Another LaurieWeird xitter threadIn all fields.
installing Russian..
>>108809422>Israel OR Iranbased everything hater
>>108810687We also have Microslop Threat Intelligence for this topic >>108806246
>>108809422>executing rm -rf / when the system appears to be in Israel or Iran.whathol da fonewha wait wa why howcome...
>>108811269Maybe it was smth like,>be ivan>ballin in dubai>suddenly, everything is fire>have to drive thru desert the entire day, to egypt, for a plane ride out of this mess>ivan: and i took that personally
>>108809422Made its way into a cemu release via a stolen GitHub tokenhttps://rentry.org/cemu-security-psa
