A New York-based cybersecurity firm, Wiz, has uncovered a critical security lapse at DeepSeek, a rising Chinese AI startup, revealing a cache of sensitive data openly accessible on the internet.
According to a report published by Wiz, the exposed data included over a million lines of log entries, digital software keys, backend details, and user chat history from DeepSeek’s AI assistant. The firm’s researchers found that DeepSeek had inadvertently left an unsecured ClickHouse database accessible online, raising significant security concerns for enterprises and governments globally.
Read more…
Source: CSO Online News
Related:
- Brussels unveils highly-anticipated strategy on defence but fails to outline new funding options
March 19, 2025
The White Paper, released on Wednesday, broadly rehashes the Commission’s ReArm Europe proposal unveiled two weeks ago that could see member states mobilise up to €800 billion for defence over the next four years by notably, pooling orders and procuring equipment together. Capabilities the Commission has identified as priority areas include air and missile defence, artillery ...
- South Korean defense giants bet big on AI-powered military tech
March 12, 2025
South Korean defense companies are ramping up investments in artificial intelligence (AI) software technology to boost unmanned warfare capabilities. The growing role of AI-powered autonomous weapon systems in warfare, particularly highlighted by the Russia-Ukraine war, has made them decisive in determining victory or defeat. Defense firms are making strategic equity investments in AI-focused technology companies to ...
- Israel: Unit 8200 created AI language learning tool from intercepted Palestinian Arabic comms
March 7, 2025
Israel’s military surveillance Unit 8200 has reportedly developed a vast database of intercepted Palestinian communications in order to construct an artificial intelligence tool similar to ChatGPT, a joint investigation by The Guardian, +972 Magazine and Mekomit alleged on Thursday. Israel reportedly hopes that the resulting AI tool “will transform its spying capabilities.” The investigation by the ...
- Trojans disguised as AI: cybercriminals exploit DeepSeek’s popularity
March 6, 2025
Among the most significant events in the AI world in early 2025 was the release of DeepSeek-R1 – a powerful reasoning large language model (LLM) with open weights. It’s available both for local use and as a free service. Since DeepSeek was the first service to offer access to a reasoning LLM to a wide ...
- How hackers ruined a Disney employee’s life after he downloaded AI photo tool
February 27, 2025
A former Disney employee’s world was turned upside down when he downloaded an artificial intelligence-powered photo program, unaware that it was laced with hacking software, during a massive data breach at the entertainment giant. In July, Matthew Van Andel, an engineer at Disney at the time, got a message on the chat forum Discord from an ...
- Paris AI summit: Why won’t US, UK sign global artificial intelligence pact?
February 12, 2025
The United States and United Kingdom have refused to sign an Artificial Intelligence Action Summit declaration calling for policies “ensuring AI is open, inclusive, transparent, ethical, safe, secure and trustworthy”. The summit in Paris on Monday and Tuesday brought together representatives from more than 100 countries to discuss how to reach a consensus on guiding the ...