A new investigation has revealed severe security flaws in DeepSeek’s infrastructure. Researchers at Wiz discovered an unauthenticated, publicly accessible ClickHouse database linked to DeepSeek, exposing sensitive data such as chat history, API secrets, and backend logs. Worse, attackers could gain full database control and escalate privileges within DeepSeek’s environment.
DeepSeek gained rapid popularity with its R1 AI model, topping app charts. However, following a cyberattack, security experts found glaring vulnerabilities, raising concerns about user data safety. The incident underscores the importance of robust cybersecurity, especially for AI startups handling sensitive information.
Please follow and like us:
