Supply ChainMay 12, 2026
Following the initial report from @wiz_io on compromised MistralAI packages, our artifact‑scannin...
Shai Hulud malware discovered in additional compromised MistralAI NPM packages for GCP and Azure.
Summary
Following Wiz's initial disclosure of compromised MistralAI packages, security researchers identified additional NPM artifacts infected with the Shai Hulud malware. The affected packages include mistralai/mistralai-gcp v1.7.3 and mistralai/mistralai-azure v1.7.3, which provide direct cloud integration functionality. This represents a broader supply chain attack affecting popular AI/ML libraries used by cloud developers.
Indicators of Compromise
- malware — Shai Hulud
Entities
MistralAI (vendor)Wiz (vendor)NPM (technology)Google Cloud Platform (technology)Microsoft Azure (technology)