Mistral AI Source Code Advertised for Sale by TeamPCP

The TeamPCP hacker group is actively advertising the sale of nearly 450 repositories containing source code from Mistral AI, a prominent French AI firm. BleepingComputer reports that TeamPCP is demanding $25,000 for approximately 5 gigabytes of internal repositories and source code, threatening to leak it all for free if a buyer isn’t found within a week. This stolen data reportedly includes code for Mistral AI’s training, fine-tuning, benchmarking, model delivery, and inference operations.

Mistral AI has confirmed to BleepingComputer that their codebase management system was compromised following a Mini Shai-Hulud software supply-chain attack. This incident originated from stolen CI/CD credentials, which allowed attackers to compromise official packages from TanStack and Mistral AI. The attack then propagated to hundreds of other software projects on npm and PyPI, including UiPath, Guardrails AI, and OpenSearch, briefly contaminating some of Mistral AI’s SDK packages.

This incident underscores the critical risk posed by CI/CD pipeline compromises. Attackers are clearly targeting the software supply chain to gain deep access to proprietary code and intellectual property. For defenders, this means shifting focus upstream to secure development environments and build processes. The attacker’s calculus is straightforward: source code is highly valuable, either for direct sale to competitors or for enabling more sophisticated future attacks by revealing architectural vulnerabilities and internal logic.