
Bitcoin Slumps Again to $74K as Bearish Market Structure Intensifies
Bitcoin's price drops to $74K as bearish market trends intensify.

Hackers compromised a Mistral AI software download, inserting malware that steals credentials and could harm Linux systems. Mistral claims its infrastructure remains secure despite the breach.
Mentioned in this story
Microsoft Threat Intelligence said Monday that attackers inserted malicious code into a Mistral AI software package distributed through PyPI, a popular platform developers use to download Python software tools.
In a post on X, Microsoft said the malicious code automatically ran when developers used the software on Linux systems. The code downloaded a second malicious file called transformers.pyz from a remote server and launched it in the background.
“The file name transformers.pyz appears deliberately chosen to mimic the widely used Hugging Face Transformers library and blend into ML/dev environments,” Microsoft wrote.
The company said the malware primarily worked as a credential stealer capable of collecting developer login information and access tokens. Microsoft also said the malware avoided Russian-language systems and included code that could randomly delete files on some systems that appeared to be located in Israel or Iran.
Reports link the latest attack to the broader “Shai-Hulud” malware campaign that began in September and targets software supply chains by infecting trusted developer packages and stealing credentials from compromised systems.
“Shai-Hulud, that spoopy Git worm thingy everyone’s been yapping about, has been open-sourced,” cybersecurity firm VX Underground wrote on X. “What does this mean? TeamPCP, or someone else, has released the fully weaponized worm for you.”
Microsoft advised organizations to isolate affected Linux systems, block the associated internet address, search for signs of infection, and replace potentially exposed credentials.
On Tuesday, Mistral said on its website that it was impacted by a supply-chain attack tied to the broader TanStack security incident. The company said an automated worm associated with the attack led to compromised NPM and PyPI package versions being published.
“Current investigation indicates that an affected developer device was involved,” the company . “We have no indication that Mistral infrastructure was compromised.”
The malware inserted into the Mistral AI software is designed to steal credentials and can damage Linux systems.
The malware automatically ran when developers used the compromised software, downloading additional malicious files in the background.
Mistral stated that it has no evidence indicating that its infrastructure was compromised during the attack.

Bitcoin's price drops to $74K as bearish market trends intensify.

XRP drops to a six-week low of $1.33 as whale activity declines significantly.

Dogecoin price drops to monthly lows, but whales are loading up on DOGE.

Bitcoin's price plummets to $75K amid major sell-offs by Trump Media and Mark Cuban.

Hyperliquid is evolving into a core infrastructure layer for crypto finance with the introduction of HIP-4.

Glassnode reports Bitcoin options traders are defensive as BTC drops below $78K.
See every story in Crypto — including breaking news and analysis.
Node Package Manager or NPM is one of the world’s largest software download platforms for JavaScript developers. It has increasingly become a target in crypto-related cyberattacks because many blockchain apps, wallets, and trading platforms rely on software distributed through the service. In September, Ledger CTO Charles Guillemet warned that hackers had compromised widely used NPM packages in an attack that could redirect crypto transactions and steal funds.
“The affected packages have already been downloaded over 1 billion times, meaning the entire JavaScript ecosystem may be at risk,” Guillemet wrote on X at the time.
Other recent attacks used poisoned NPM packages tied to fake crypto trading bots and blockchain tools to spread malware through Ethereum smart contracts.