
The French sovereign AI unicorn is allegedly facing a major source-code exposure after a threat actor claimed to have stolen almost 450 private repositories, including those of a major pharmaceutical giant client.
- Unverified breach claim: Threat actors TeamPCP claim to have stolen 450 private Mistral AI repositories, including internal projects and customer deployments, demanding $25,000.
- Possible supply chain link: The alleged breach timing coincides with Mistral's confirmed SDK compromise in the TanStack attack. Researchers suggest both incidents may involve TeamPCP's credential-stealing malware, though a direct connection remains unconfirmed.
- Reputational risk if confirmed: The breach could damage Mistral's positioning as Europe's trusted "sovereign AI" alternative, exposing competitive intelligence and potentially client data, undermining core promises of data control and security.
The breach comes just days after the Gallic AI maker’s SDK packages were compromised in the TanStack supply chain attack that has shaken the foundations of open-source software.
The post, published by criminals branding themselves “TeamPCP,” claims the leaked Mistral AI material includes internal AI projects, software systems, dashboards, testing tools, customer deployments, experiments, and unreleased development work.
One of the repositories references pharmaceutical giant Pfizer – best known for its COVID-19 vaccine during the pandemic – potentially indicating exposure of customer-facing or enterprise AI projects. However, there is currently no evidence that Pfizer itself was breached.
The attackers are demanding a $25,000 BIN (buy it now) payment, claiming the data will otherwise be leaked within a week.
Among the repositories listed in the forum post are:
- mistral-inference-internal
- mistral-finetune-internal
- chatbot-security-evaluation
- mistral_finance_agent
- mistral-lawyer-internal
- kyc-doc-agent
- dashboard
- pfizer-rfp-2025
At the time of writing, the attackers had not published samples of the alleged stolen data, and the alleged repository leak has not yet been independently verified.
Possible connection to Mini Shai-Hulud attacks
The alleged breach comes just days after Mistral disclosed that some of its SDK packages were affected by the wider TanStack supply chain attack, a sprawling campaign that researchers are attributing to TeamPCP and its “Mini Shai-Hulud” malware.
The malware’s name is a reference to the sandworms from Frank Herbert's Dune universe, reflecting its worm-like, self-propagating nature, which the group uses to target software supply chains and cloud infrastructure, with a specific focus on stealing API keys, SSH keys, and AWS credentials.
While a Mistral security advisory issued on Tuesday confirmed “a supply chain attack affecting Mistral AI SDK packages,” it added that there was “no indication that Mistral infrastructure was compromised.”
The Cybernews internal security research team believes the timing and tactics may be connected.
“The threat actor did not provide any samples in their post, just a list of allegedly exfiltrated code repositories. Personally, I think this can be connected,” Cybernews researcher Rasa Jurgutyte said.
“Shai-Hulud malware targets developer credentials, which would make sense given the whole list of possible internal repos in the post.”
Researchers say the worm was designed to steal credentials from developer environments and CI/CD systems, then use the compromised access to spread further into additional repositories and software ecosystems.
“This shoots 2 birds with one stone, because this way credentials of both MistralAI developers (or any other target for that matter) and the product users can be exploited at the same time,” Jurgutyte added.
What is Mistral AI?
Founded in 2023, French AI company Mistral AI is widely regarded as the leading European champion of sovereign AI, acting as a primary alternative to US-based AI companies.
The Gallic unicorn focuses on creating open-source models – such as Mixtral and Magistral – that allow organizations to maintain control over their data, infrastructure, and how it is used.
If the breach is authentic, it involves stolen repositories for code tied to model training, AI agents, internal dashboards, and platform infrastructure, and Jurgutyte said it could create serious reputational and business risks for the company.
“If we look only at the forum post, the impact from it can be reputation loss, loss of competitive advantage, and possible exposure of client data.”
Rasa Jurgutyte, Cybernews security researcher
The broader TeamPCP campaign has already involved hundreds of malicious packages across the NPM and PyPI ecosystems – two of the most targeted open-source software repositories that allow developers to share, find, and reuse code.
These included projects tied to TanStack, OpenSearch, Guardrails AI, UiPath, and Mistral AI.
Researchers say the malware used in those attacks harvested GitHub credentials, cloud secrets, SSH keys, API tokens, crypto wallets, and AI tooling credentials from infected systems.