IOC Radar
TLP:WHITE · 10 IOCs

Threat Intelligence | Analysis of the Supply Chain Poisoning Attack on the Official Mistral AI SDK

SlowMist
Published May 16, 2026

Diamond Model

Axes: Social, Technology
Adversary: unknown
Infrastructure (6): https://83.142.209.19…, https://83.142.209.19…, https://83.142.209.19…
Capability: unknown
Victim: unknown

Attack Flow: 7 steps · MITRE ATT&CK mapped

Step 1/7: Initial Access (TA0001 · T1195)
Supply Chain Compromise
Action: Compromise release pipeline
Attackers injected malicious code into the legitimate Mistral AI SDK and published it under the official project name on PyPI.

Indicators of Compromise (10)


IOC Relationship Graph: 10 total IOCs (URL: 6, SHA256: 2, MD5: 1, SHA1: 1), linked to the report "Threat Intelligence | Anal…"