InfoSecBulletin Cybersecurity for mankind
New York-based cybersecurity firm Wiz has discovered sensitive data from the Chinese AI startup DeepSeek that was accidentally exposed on the internet.
Microsoft brings DeepSeeK to Azure AI Foundry and GitHub
Hackers leverage Google’s subdomains, phone number to attack victims
DeepSeek Sensitive data exposed To Web: Wiz report
“FirePass” starts its operation in Bangladesh officially
PoC Exploit Released for TP-Link Router XSS Vuln
CVE-2024-40891
Zyxel CPE Zero-Day Exploited in the Wild
Apple fixed year’s first actively exploited zero-day flaw
DeepSeek Hit by massive Cyber Attack, Limits Registrations
GitHub Desktop Vuln Credential Leaks via Malicious Remote URLs
Burp Suite 2025.1 released: Featuring Intruder Capabilities & Bug Fixes
In a blog post, Wiz reported that scans of DeepSeek’s infrastructure revealed over a million unsecured data lines. This data contained digital software keys and chat logs that recorded user prompts sent to the company’s free AI assistant.
Wiz’s chief technology officer said DeepSeek quickly secured the data after his firm alerted them.
“They took it down in less than an hour,” Ami Luttwak said. “But this was so simple to find we believe we’re not the only ones who found it.”
DeepSeek did not immediately return a message seeking comment.
DeepSeek’s rapid success with its AI assistant has excited China while worrying the U.S. The company’s ability to compete with OpenAI at a lower cost raises concerns about the profitability of American AI giants like Nvidia and Microsoft.
By Monday, it surpassed ChatGPT in downloads on Apple’s App Store, leading to a global decline in tech stocks.
