DeepSeek exposes database with over 1 million chat records
Source: Bleeping Computer
DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata.
Mega-Breaches Bump Up 2024 Victim Count
Source: Data Breach Today
Identity Theft Resource Center Catalogs 3,158 Known US Incidents in 2024. The number of U.S. organizations year-over-year falling victim to a data breach appears to be holding steady, a number that masks a growing number of victims affected by mega-breaches.
Super Bowl LIX Could Be a Magnet for Cyberattacks
Source: Dark Reading
Sporting events like the upcoming Super Bowl LIX in New Orleans are prime targets for cyberattacks due to their massive audiences, extensive digital infrastructure, and the potential for high financial and reputational impact. Experts say organizers should be prepared for an onslaught of attacks leading up to and on game day, which is Feb. 9 this year.
Accusations Mount Against DeepSeek Over AI Plagiarism
Source: Data Breach Today
The low-cost miracle of the DeepSeek-R1 model may not in fact be one as accusations surfaced Tuesday and Wednesday that the Chinese company may have derived its reasoning model from U.S. firm OpenAI.
USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave
Source: Dark Reading
Attackers impersonating the US Postal Service (USPS) are striking again, this time in a widescale mobile phishing campaign that taps people's trust in PDF files. This time it uses a novel evasion tactic to steal credentials and compromise sensitive data in SMS phishing (smishing) attacks.