New AI Security Flaws Exposed in DeepSeek and Claude AI by Researcher

The rapid advancement of artificial intelligence technologies in recent years has revolutionized numerous sectors, introducing unprecedented capabilities and efficiencies. However, with these advancements come new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger uncovered significant security flaws in AIs such as DeepSeek and Claude AI, which have profound implications for user safety and data integrity. These discoveries highlight the urgent need for developers and AI application designers to adopt stringent security measures to protect against sophisticated cyber threats.

Prompt Injection Vulnerabilities in DeepSeek

Exploiting XSS Vulnerabilities

Rehberger’s findings on DeepSeek AI chatbot revealed a serious security flaw that allowed attackers to hijack user accounts using a cross-site scripting (XSS) vulnerability through a prompt injection attack. By crafting a specific prompt, malicious actors could cause DeepSeek to execute JavaScript code. This code then extracted the victim’s session token stored in localStorage, enabling the attackers to take over the user’s account. The exploit was particularly insidious because it leveraged the chatbot’s ability to execute arbitrary commands, making it a potent tool in the hands of cybercriminals.

The implications of such vulnerabilities are far-reaching, given that user accounts often contain sensitive information and access privileges. This type of attack could lead to data breaches, unauthorized transactions, and significant damage to the affected individuals and organizations. Although the specific flaw identified in DeepSeek has since been addressed, the incident underscores the potential dangers posed by LLMs in uncontrolled environments. Developers must be vigilant in identifying and mitigating such vulnerabilities to prevent malicious exploitation.

Handling Unauthorized Code Execution

In addition to the account takeover vulnerability, prompt injections in large language models (LLMs) pose a broader risk of unauthorized code execution. Attackers can engineer prompts that cause these models to include harmful, arbitrary data in their output, which can then be executed in system terminals. This particular attack method is termed Terminal DiLLMa, a nod to the unexpected and potentially disastrous outcomes it can produce. The nature of this threat requires developers to exercise extreme caution in validating and sanitizing inputs to ensure that their systems do not inadvertently execute dangerous code.

Furthermore, the ability of LLMs to execute unauthorized code highlights a fundamental challenge in AI implementation: balancing powerful capabilities with robust security measures. Given the increasing adoption of AI technologies across various industries, the potential for misuse is growing. The industry must prioritize developing comprehensive security protocols and best practices to safeguard AI deployments from such sophisticated attacks.

Vulnerabilities in Claude AI

ZombAIs and Command Execution

Rehberger’s research extended beyond DeepSeek, uncovering significant vulnerabilities in Anthropic’s Claude AI, a tool designed to autonomously control computer functions. By manipulating Claude AI through prompt injections, he demonstrated that attackers could execute malicious commands, including downloading and running the Sliver command-and-control (C2) framework. This method of exploitation, referred to as ZombAIs, capitalizes on the AI’s inherent capabilities to manipulate system-level actions without proper oversight or security controls.

The ability to execute command-and-control frameworks poses a severe risk, as it can lead to the complete compromise of a targeted system. Attackers could leverage this access to install malware, exfiltrate sensitive information, or disrupt operations. Addressing this vulnerability requires not only technical solutions but also a strategic rethinking of how autonomous AIs are integrated into critical systems. Ensuring that these tools have robust security measures and access controls is essential to prevent unauthorized command execution.

Broader Implications for AI Security

The vulnerabilities in Claude AI, combined with those found in DeepSeek, illustrate a broader issue within the AI community: the need for comprehensive security strategies that address the unique risks posed by advanced AIs. As these tools become more sophisticated and integrated into various applications, the potential for abuse and exploitation grows. Researchers, developers, and organizations must collaborate to establish best practices for securing AI systems, including regular security audits, input validation, and robust access controls.

Moreover, the ongoing research and identification of vulnerabilities by experts like Rehberger highlight the importance of a proactive approach to AI security. The ever-evolving threat landscape demands constant vigilance and adaptation to new challenges. By staying ahead of cyber threats and implementing rigorous security measures, the industry can ensure that AI technologies deliver their promised benefits without compromising user safety or data integrity.

Risks in Large Language Models (LLMs)

Misuses of ChatGPT by OpenAI

Further research by academics from the University of Wisconsin-Madison and Washington University in St. Louis revealed additional risks associated with OpenAI’s ChatGPT. They found that prompt injection attacks could trick ChatGPT into rendering external image links disguised as innocuous prompts. This vulnerability could potentially display explicit or violent content, posing significant harm to users. The researchers also noted that such attacks could indirectly trigger ChatGPT plugins without user confirmation, bypassing OpenAI’s defensive constraints against dangerous links and enabling attackers to exfiltrate user chat histories to remote servers.

These findings underscore the complexity of securing large language models, as they often operate in environments where user inputs are unpredictable and diverse. The ability of attackers to manipulate outputs through carefully crafted prompts challenges the notion of AI as inherently secure. Developers must continually enhance their defensive measures and scrutinize the contexts in which these models are deployed to prevent malicious exploitation.

Strengthening Defensive Measures

The rapid advancement of artificial intelligence technologies in recent years has transformed numerous sectors, bringing about unprecedented capabilities and efficiencies. While these advances are promising, they also bring new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger identified significant security flaws in AI systems such as DeepSeek and Claude AI. These flaws have serious repercussions for user safety and data integrity. Discoveries like these underline the urgent necessity for developers and AI application designers to implement stringent security measures. Sophisticated cyber threats are increasingly exploiting vulnerabilities in AI systems, making it crucial to adopt proactive security strategies. As AI continues to integrate more deeply into our daily lives and critical infrastructures, the importance of robust security protocols cannot be overstated. This requires a concerted effort from the entire tech industry to ensure that AI advancements do not outpace our ability to protect against potential threats. The future of AI depends on balancing innovation with security, ensuring its benefits are not overshadowed by risks.

Explore more

Lurking Lizard Group Hijacks User Devices for Proxy Network

Dominic Jainy stands at the intersection of emerging technology and cybersecurity, bringing years of hands-on experience with artificial intelligence and distributed systems to the table. As an IT professional who has watched the evolution of blockchain and machine learning, he possesses a keen eye for how decentralized networks can be co-opted by malicious actors. In this conversation, we dive into

Can the iQOO Z11 Lite Disrupt the Budget 5G Market?

The rapid evolution of mobile connectivity has reached a pivotal juncture where consumers no longer have to sacrifice performance for affordability in the competitive Indian smartphone landscape. As 5G infrastructure expands across urban and rural corridors, the demand for entry-level devices that offer premium-feeling features has surged exponentially. Into this environment steps the iQOO Z11 Lite, a device that promises

Trend Analysis: AI-Driven Recruitment Fraud

This crisis of legitimacy threatens the very foundation of digital hiring as artificial intelligence tools lower the entry barrier for cybercriminals. Legitimate hiring professionals currently find themselves in a high-stakes competition with sophisticated bots and deepfakes for the trust of an increasingly wary global workforce. This analysis explores the rise of AI-powered job scams, examines the shift in candidate sentiment

Trend Analysis: Private 5G Enterprise Networks

Traditional public cellular infrastructures are increasingly failing to meet the rigorous demands of heavy industry, prompting a massive migration toward dedicated, high-performance private corridors. As the smart factory transitions from a conceptual blueprint into a high-speed operational reality, the demand for ultra-reliable communication has never been more acute. In an environment where data sovereignty and ultra-low latency are considered non-negotiable

Analysts Outline Strategic Crypto Portfolio Plans for 2026

The rapid maturation of decentralized finance has fundamentally transformed how institutional and retail participants approach asset allocation within the current market cycle. Success in this sophisticated landscape no longer relies on chasing short-lived trends, but rather on a deep understanding of technological utility and the stabilizing influence of regulatory oversight. As the market moves away from speculative volatility toward a