The sudden fame of Deepseek this week came with a drawback, because the safety and AI researchers have not waste time to investigate the defects of the AI model and its safety.
Says Deepseek can be Easily jailbreaké appeared in the hours following the development of the AI startup at the Center of the AI world, followed by reports of disinformation And the inaccuracies found in the chatgpt potential rival and other large language models (LLM). The crooks did not waste time accumulating, because Cyble detected a wave attempts at fraud and phishing aimed at exploiting the sudden popularity of Deepseek.
The latest Deepseek security problem implies a Database exposed Discovered by Wiz Research, who added to concerns about the security and confidentiality controls of the AI startup.
“The rapid adoption of IA services without corresponding security is intrinsically risky,” wrote Wiz researchers. “This exhibition highlights the fact that the immediate security risks for AI applications come from the infrastructure and the tools that support them.”
A drawback of the problems of security and disinformation surrounding Deepseek is that they threaten to harm what seems to be a real breakthrough in the effectiveness of the AI which attracted the attention Technological lighting like the CEO of Snowflake Sridhar Ramaswamy.
The leak of the database highlights deep security problems
WIZ researchers said they discovered a clickhouse database accessible to the public belonging to Deepseek which allowed total control over database operations, including the possibility of accessing internal data.
The exhibition includes more than “a million lines of newspaper flow containing cat history, secret keys, backend details and other very sensitive information,” wrote the researchers. They immediately disclosed the problem at Deepseek, which quickly secured the database.
Researchers said they started investigating Deepseek’s security posture for everything Vulnerabilities according to the sudden reputation of the startup in AI. It didn’t take long to find important problems.
“In a few minutes, we found a clickhouse database accessible to the public linked to Deepseek, completely open and not authenticated, exhibiting sensitive data,” they said.
The unsecured body has made it possible “the complete control of the database and the climbing of potential privileges in the Deepseek environment, without any authentication or defense mechanism to the outside world”, added the researchers.
The data seemed recent, with newspapers dating from January 6, 2025. It included references to the internal endpoints Deepseek API and newspapers in the clear text exposed which included cat history, API keys, details of the details Backend and operational metadata.
“This level of access posed a critical risk for the security of Deepseek and for its end users,” said the researchers. “Not only can an attacker recover sensitive newspapers and chat messages in real raw text, but they could also exfiltrate the passwords in clear text and local files along property information directly from the server.”
A breakthrough of darkened by the security and disinformation problems
An unfortunate side effect of the widespread focusing on the security and accuracy problems of Deepseek is that the controversy threatens to obscure the fact that Deepseek could well be the Cost and pierced efficiency that society claims to be.
In a market full of extremely expensive and energy Genai models, a model that can compete while using 90% at 98% less power is very good news. And Deepseek even open-open One of his models, giving others a chance to work with him.
It remains to be seen if the problems of security and disinformation of Deepseek could limit its adoption, but the window to do things well may not be opened long, because rivals like Alibaba Follow quickly with their own allegations of genai breakthroughs.
And maybe there is a lesson here for other startups, whether focusing on AI or other technologies: do not leave cybersecurity problems harm your greatest breakthroughs.