Wednesday , July 15 2026
DeepSeek

DeepSeek reveils over 1 million chat records; Italy Bans DeepSeek

Chinese AI startup DeepSeek has exposed two databases with sensitive user and operational information from its DeepSeek-R1 LLM model.

Unsecured ClickHouse instances are believed to have exposed over a million log entries that include user chat histories in plaintext, along with API keys, backend information, and operational metadata.

Microsoft Patch Tuesday July-2026 fixes 570 flaws, 3 zero-days

Microsoft's Patch Tuesday in July 2026 fixes around 570 security flaws in its products. This comes after June's big update,...
Read More
Microsoft Patch Tuesday July-2026 fixes 570 flaws, 3 zero-days

Fortinet Patches 7 Flaws In FortiOS, FortiProxy, FortiPAM, and FortiSandbox

Fortinet fixes seven new security warnings on July 14, 2026. These affect FortiOS, FortiProxy, FortiPAM, and FortiSandbox. The issues vary...
Read More
Fortinet Patches 7 Flaws In FortiOS, FortiProxy, FortiPAM, and FortiSandbox

CISA warns Cisco IOS flaw, while VMware flaw allows bypassing authentication

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers are using CVE-2008-4128, a CSRF flaw in Cisco...
Read More
CISA warns Cisco IOS flaw, while VMware flaw allows bypassing authentication

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Wiz Research found this vulnerability while assessing DeepSeek’s external infrastructure for security.

The security firm discovered two public database instances at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000 that allowed anyone to run SQL queries through a web interface without needing authentication.

The databases contained a ‘log_stream’ table that stored sensitive internal logs dating from January 6, 2025, containing:

user queries to DeepSeek’s chatbot,
keys used by backend systems to authenticate API calls,
internal infrastructure and services information,
and various operational metadata.

“This level of access posed a critical risk to DeepSeek’s own security and for its end-users,” comments Wiz.

“Not only an attacker could retrieve sensitive logs and actual plaintext chat messages, but they could also potentially exfiltrate plaintext passwords and local files along propriety information directly from the server using queries like: SELECT * FROM file(‘filename’) depending on their ClickHouse configuration.”

Italy Ban DeepSeek:

Italy’s data protection authority has banned the Chinese AI firm DeepSeek from operating in the country due to concerns about its handling of users’ personal data. The Garante recently questioned DeepSeek about its data handling practices and the source of its training data.

It sought to understand what personal data is collected by its website and mobile app, the sources of that data, the purposes for collection, the legal basis, and whether the data is stored in China.

In a statement issued January 30, 2025, the Garante said it arrived at the decision after DeepSeek provided information that it said was “completely insufficient.”

The companies behind the service, Hangzhou DeepSeek Artificial Intelligence and Beijing DeepSeek Artificial Intelligence, have claimed they do not operate in Italy and that European laws do not apply to them, it added. The watchdog is immediately blocking access to DeepSeek and launching an investigation.

Earlier this week, the Chinese platform faced ongoing cyberattacks that it couldn’t stop, leading to a suspension of new user registrations for almost 24 hours.

Check Also

5

TP-Link alerts users to patch router auth bypass vulnerability

TP-Link fixed some security flaws in its Archer NX routers. CVE-2025-15517 is a security flaw …