Among the most significant events in the AI world in early 2025 was the release of DeepSeek-R1 – a powerful reasoning large language model (LLM) with open weights. It’s available both for local use and as a free service. Since DeepSeek was the first service to offer access to a reasoning LLM to a wide audience, it quickly gained popularity, mirroring the success of ChatGPT.
Naturally, this surge in interest also attracted cybercriminals. While analyzing our internal threat intelligence data, we discovered several groups of websites mimicking the official DeepSeek chatbot site and distributing malicious code disguised as a client for the popular service.
Read more…
Source: Kaspersky
Related:
- Russian zero-day seller is offering up to $4 million for Telegram exploits
March 21, 2025
Operation Zero, a company that acquires and sells zero-days exclusively to the Russian government and local Russian companies, announced on Thursday that it’s looking for exploits for the popular messaging app Telegram, and is willing to offer up to $4 million for them. The exploit broker is offering up to $500,000 for a “one-click” remote code ...
- Longtime FBI agent charged with disclosing classified records
March 20, 2025
A longtime FBI agent has been charged with unlawfully taking and disclosing classified FBI files, according to court records reviewed by CBS News. Johnathan Buma, who specialized in national security and terror cases, has been released on $100,000 bond, with orders to appear in court in Los Angeles. Buma was arrested as he boarded an international ...
- A website mapped Tesla owners and their personal information amid a wave of attacks
March 20, 2025
Tesla owners confirmed on Wednesday that an online map decorated with an image of a Molotov cocktail includes accurate personal information about them, such as residential addresses, raising fears that activists opposed to billionaire Tesla CEO Elon Musk could target them for vandalism. The online map went live Monday, displaying the names, addresses and contact information ...
- Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users
March 19, 2025
A consumer-grade spyware operation called SpyX was hit by a data breach last year, TechCrunch has learned. The breach reveals that SpyX and two other related mobile apps had records on almost 2 million people at the time of the breach, including thousands of Apple users. The data breach dates back to June 2024 but had ...
- Pennsylvania: Half a million teachers hit in major data breach
March 19, 2025
Even if you practice perfect cyber hygiene, you can still wake up to find yourself amid a major security crisis resulting from a data breach, and that’s exactly what happened to half a million teachers. As reported by The Record, over 500,000 teachers and other employees who work in education across Pennsylvania’s public schools had their ...
- Critical Veeam Backup & Replication CVE-2025-23120
March 19, 2025
On Wednesday, March 19, 2025, backup and recovery software provider Veeam published a security advisory for a critical remote code execution vulnerability tracked as CVE-2025-23120. The vulnerability affects Backup & Replication systems that are domain joined. Veeam explicitly mentions that domain-joined backup servers are against security and compliance best practices, but in reality, we believe this ...