The exposure was quickly secured after Wiz shared its discovery with DeepSeek, but it’s possible that information could have already been exposed. Research of this kind doesn’t pry too far into the databases it finds for ethical reasons, but Wiz concluded that an attacker could potentially escalate their privileges within the DeepSeek environment and retrieve sensitive logs, chat messages, passwords, and local files — all without needing any kind of authentication. Wiz...
