Wiz researchers found many similarities to OpenAI with their escalated access.
A cloud security firm found a publicly accessible, fully controllable database belonging to DeepSeek, the Chinese firm that has recently shaken up the AI world, "within minutes" of examining DeepSeek's security, according to a blog post by Wiz.
An analytical ClickHouse database tied to DeepSeek, "completely open and unauthenticated," contained more than 1 million instances of "chat history, backend data, and sensitive information, including log streams, API secrets, and operational details," according to Wiz. An open web interface also allowed for full database control and privilege escalation, with internal API endpoints and keys available through the interface and common URL parameters.