DeepSeek, a Chinese startup, revealed its powerful open-source AI model, but researchers from Wiz uncovered severe security vulnerabilities. They accessed unencrypted internal data, including sensitive chat histories and operational details, within minutes. The backdoor posed a risk for potential attacks with no defense mechanisms in place. Despite attempts to notify DeepSeek, researchers faced challenges reaching the company, yet it responded quickly to secure the database once alerted. This incident highlights significant lapses in data security practices in emerging AI technologies.
"...within minutes, that they were able to access a trove of completely unencrypted internal data with ease."
"Usually when we find this kind of exposure, it's in some neglected service that takes us hours to find - hours of scanning."
Collection
[
|
...
]