Mistral AI has raised €1.7 billion in a Series C funding round at an €11.7 billion post-money valuation. The round was led by semiconductor equipment manufacturer ASML Holding, with participation from existing investors including DST Global, Andreessen Horowitz, Bpifrance, General Catalyst, Index Ventures, Lightspeed and NVIDIA. The Paris-based AI company will use the funding to advance its scientific research and develop custom decentralised frontier AI solutions for complex engineering and industrial problems. ASML CEO Christophe Fouquet said the partnership aims to generate benefits for ASML customers through AI-enabled products and solutions. Mistral AI CEO Arthur Mensch stated the investment will help address engineering challenges in the semiconductor and AI value chain whilst maintaining the company's independence.

EDF and Mistral sign a partnership agreement for AI serving nuclear power and digital sovereignty. Published on 2026/05/28 Paris, May 28, 2026. EDF and Mistral announce the signing of a partnership agreement aimed at collaborating in the field of artificial intelligence to enhance the Group's efficiency and performance in its engineering, maintenance, and construction activities for future EPR2 reactors. Concluded for a duration of five years, this partnership will enable both companies to work on the development and deployment of artificial intelligence tools tailored to EDF Group's safety, industrial performance, and regulatory requirements. The data will remain the property of EDF and will be hosted on trusted infrastructures (sovereign cloud or EDF data centers). The results of this collaboration are intended to provide concrete support to field teams by improving responsiveness, efficiency, and operational performance. The partnership notably plans to train conversational agents capable of querying the "technical memory" accumulated across the entire French nuclear fleet and EDF construction sites, while complying with the safety, security, and sovereignty requirements inherent to these operations. This support for teams will facilitate industrial maintenance operations as well as access to knowledge for nuclear engineering and will optimize activities on construction sites under the EPR2 program. The AI tools envisioned as part of this partnership will not concern nuclear plant control systems. Arthur Mensch, CEO and co-founder of Mistral, stated: "This partnership with EDF illustrates the importance of independent AI in addressing critical nuclear challenges. We are deploying our cutting-edge solutions and expertise within their environment and adapting them to their industrial context. This is to enable nuclear professionals to perform more effectively in their daily work thanks to AI, while fully complying with the strictest safety and security requirements." Bernard Fontana, Chairman and CEO of EDF Group, added: "This partnership with Mistral AI strengthens our digital sovereignty by developing AI designed as closely as possible to our core activities, leveraging our data assets and hosted on trusted infrastructures. The objective is clear: to use AI to improve operational efficiency while ensuring safety, security, and quality."

Cybersecurity News: Foxconn factory attacks, BitLocker zero-day accesses protected drives, MDASH patches Windows flaws. May 14, 2026 In today's cybersecurity news... Foxconn confirms North American factory attack. Foxconn said that several North American factories were hit by a cyberattack claimed by the Nitrogen ransomware group, which says it stole 8TB of data including confidential files tied to customers like Apple, Intel, Google, Dell, and NVIDIA. Foxconn said it activated incident response measures and is restoring affected operations. The ransomware group continues to pressure victims through data theft and file encryption. (SecurityWeek) BitLocker zero-day accesses protected drives. A researcher known as Chaotic Eclipse or Nightmare Eclipse released proof-of-concept exploits for two unpatched Windows zero-days dubbed YellowKey and GreenPlasma, including a BitLocker bypass that can expose encrypted drives through the Windows Recovery Environment. Security researchers confirmed parts of the YellowKey exploit, which abuses NTFS transaction logs to launch a command shell with access to unlocked BitLocker volumes on TPM-only systems. The disclosure follows earlier leaked Windows exploits from the same researcher. (BleepingComputer) MDASH patches 16 Windows flaws. Microsoft unveiled MDASH, a multi-model AI system that uses more than 100 specialized agents to discover and validate software vulnerabilities in Windows codebases. The company said MDASH identified 16 flaws patched in this month's Patch Tuesday release, including two critical remote code execution bugs affecting Windows networking and authentication components. This follows similar AI-driven cybersecurity efforts from Anthropic and OpenAI. (The Hacker News) Mistral develops new AI model for banks. Bloomberg's sources say Mistral AI is developing a cybersecurity-focused AI model for European banks looking for alternatives to Anthropic's restricted-access Mythos system. The company has reportedly been in talks with financial institutions concerned about AI-driven cyber threats and Europe's limited access to advanced US security models. Mistral CEO Arthur Mensch also argued that Europe needs domestic AI security tools to avoid dependence on foreign systems. (Bloomberg) Huge thanks to our episode sponsor, Doppel. Exim mailer flaw allows remote code execution. A critical remote code execution flaw was disclosed in the Exim mail server, affecting versions 4.97 through 4.99.2 compiled with GnuTLS and certain SMTP features enabled. The vulnerability stems from a use-after-free bug during TLS shutdown that could let unauthenticated attackers execute commands, access emails, and potentially access compromised environments. Researchers at XBOW said AI-assisted tools helped accelerate exploit development, though a human researcher ultimately produced the successful exploit. (BleepingComputer) Bug hunter tracks down three massive MCP flaws. An Akamai researcher uncovered three major vulnerabilities in Model Context Protocol (MCP) servers tied to Apache Software Foundation Doris, Apache Pinot, and Alibaba RDS that could allow SQL injection, sensitive data theft, or full database compromise through AI-connected systems. Apache patched an SQL injection flaw in Doris. Pinot added optional OAuth protections but still has unresolved issues. Alibaba reportedly declined to patch its RDS MCP vulnerability, which researchers said could expose sensitive metadata through unauthenticated requests. (The Register) Attackers weaponize RubyGems. Socket researchers uncovered a campaign dubbed "GemStuffer" that abuses the RubyGems package registry as a dead-drop system for exfiltrated data rather than traditional malware delivery. More than 100 malicious gems scraped public-facing UK government websites and uploaded the collected data back to RubyGems using embedded API keys, letting attackers retrieve the information without dedicated command-and-control infrastructure. Researchers warned it highlights how software package registries could increasingly be abused as covert data transport layers in future supply chain attacks. (Dark Reading) Tables turn on 'the Gentlemen' Check Point analyzed leaked internal data from the ransomware group "The Gentlemen" after unknown hackers breached the gang's backend systems and began selling 16GB of stolen data. The leak revealed a structured ransomware-as-a-service operation led by an operator known as "zeta88," with specialized members handling reconnaissance, credential access, negotiations, and malware development with a 90/10 affiliate payout model. The group is said to rely on known vulnerabilities, common ransomware tooling, and some AI-assisted development. (Dark Reading)