New AI Security Flaws Exposed in DeepSeek and Claude AI by Researcher

The rapid advancement of artificial intelligence technologies in recent years has revolutionized numerous sectors, introducing unprecedented capabilities and efficiencies. However, with these advancements come new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger uncovered significant security flaws in AIs such as DeepSeek and Claude AI, which have profound implications for user safety and data integrity. These discoveries highlight the urgent need for developers and AI application designers to adopt stringent security measures to protect against sophisticated cyber threats.

Prompt Injection Vulnerabilities in DeepSeek

Exploiting XSS Vulnerabilities

Rehberger’s findings on DeepSeek AI chatbot revealed a serious security flaw that allowed attackers to hijack user accounts using a cross-site scripting (XSS) vulnerability through a prompt injection attack. By crafting a specific prompt, malicious actors could cause DeepSeek to execute JavaScript code. This code then extracted the victim’s session token stored in localStorage, enabling the attackers to take over the user’s account. The exploit was particularly insidious because it leveraged the chatbot’s ability to execute arbitrary commands, making it a potent tool in the hands of cybercriminals.

The implications of such vulnerabilities are far-reaching, given that user accounts often contain sensitive information and access privileges. This type of attack could lead to data breaches, unauthorized transactions, and significant damage to the affected individuals and organizations. Although the specific flaw identified in DeepSeek has since been addressed, the incident underscores the potential dangers posed by LLMs in uncontrolled environments. Developers must be vigilant in identifying and mitigating such vulnerabilities to prevent malicious exploitation.

Handling Unauthorized Code Execution

In addition to the account takeover vulnerability, prompt injections in large language models (LLMs) pose a broader risk of unauthorized code execution. Attackers can engineer prompts that cause these models to include harmful, arbitrary data in their output, which can then be executed in system terminals. This particular attack method is termed Terminal DiLLMa, a nod to the unexpected and potentially disastrous outcomes it can produce. The nature of this threat requires developers to exercise extreme caution in validating and sanitizing inputs to ensure that their systems do not inadvertently execute dangerous code.

Furthermore, the ability of LLMs to execute unauthorized code highlights a fundamental challenge in AI implementation: balancing powerful capabilities with robust security measures. Given the increasing adoption of AI technologies across various industries, the potential for misuse is growing. The industry must prioritize developing comprehensive security protocols and best practices to safeguard AI deployments from such sophisticated attacks.

Vulnerabilities in Claude AI

ZombAIs and Command Execution

Rehberger’s research extended beyond DeepSeek, uncovering significant vulnerabilities in Anthropic’s Claude AI, a tool designed to autonomously control computer functions. By manipulating Claude AI through prompt injections, he demonstrated that attackers could execute malicious commands, including downloading and running the Sliver command-and-control (C2) framework. This method of exploitation, referred to as ZombAIs, capitalizes on the AI’s inherent capabilities to manipulate system-level actions without proper oversight or security controls.

The ability to execute command-and-control frameworks poses a severe risk, as it can lead to the complete compromise of a targeted system. Attackers could leverage this access to install malware, exfiltrate sensitive information, or disrupt operations. Addressing this vulnerability requires not only technical solutions but also a strategic rethinking of how autonomous AIs are integrated into critical systems. Ensuring that these tools have robust security measures and access controls is essential to prevent unauthorized command execution.

Broader Implications for AI Security

The vulnerabilities in Claude AI, combined with those found in DeepSeek, illustrate a broader issue within the AI community: the need for comprehensive security strategies that address the unique risks posed by advanced AIs. As these tools become more sophisticated and integrated into various applications, the potential for abuse and exploitation grows. Researchers, developers, and organizations must collaborate to establish best practices for securing AI systems, including regular security audits, input validation, and robust access controls.

Moreover, the ongoing research and identification of vulnerabilities by experts like Rehberger highlight the importance of a proactive approach to AI security. The ever-evolving threat landscape demands constant vigilance and adaptation to new challenges. By staying ahead of cyber threats and implementing rigorous security measures, the industry can ensure that AI technologies deliver their promised benefits without compromising user safety or data integrity.

Risks in Large Language Models (LLMs)

Misuses of ChatGPT by OpenAI

Further research by academics from the University of Wisconsin-Madison and Washington University in St. Louis revealed additional risks associated with OpenAI’s ChatGPT. They found that prompt injection attacks could trick ChatGPT into rendering external image links disguised as innocuous prompts. This vulnerability could potentially display explicit or violent content, posing significant harm to users. The researchers also noted that such attacks could indirectly trigger ChatGPT plugins without user confirmation, bypassing OpenAI’s defensive constraints against dangerous links and enabling attackers to exfiltrate user chat histories to remote servers.

These findings underscore the complexity of securing large language models, as they often operate in environments where user inputs are unpredictable and diverse. The ability of attackers to manipulate outputs through carefully crafted prompts challenges the notion of AI as inherently secure. Developers must continually enhance their defensive measures and scrutinize the contexts in which these models are deployed to prevent malicious exploitation.

Strengthening Defensive Measures

The rapid advancement of artificial intelligence technologies in recent years has transformed numerous sectors, bringing about unprecedented capabilities and efficiencies. While these advances are promising, they also bring new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger identified significant security flaws in AI systems such as DeepSeek and Claude AI. These flaws have serious repercussions for user safety and data integrity. Discoveries like these underline the urgent necessity for developers and AI application designers to implement stringent security measures. Sophisticated cyber threats are increasingly exploiting vulnerabilities in AI systems, making it crucial to adopt proactive security strategies. As AI continues to integrate more deeply into our daily lives and critical infrastructures, the importance of robust security protocols cannot be overstated. This requires a concerted effort from the entire tech industry to ensure that AI advancements do not outpace our ability to protect against potential threats. The future of AI depends on balancing innovation with security, ensuring its benefits are not overshadowed by risks.

Explore more

Is AI Fueling Microsoft’s Record-Breaking 570 Patches?

The sheer volume of security vulnerabilities emerging within the enterprise ecosystem has reached a critical inflection point, forcing a fundamental reassessment of how major software vendors manage their codebases. As Microsoft crosses the threshold of issuing 570 distinct patches within a single reporting cycle, industry analysts are looking closely at the underlying drivers of this surge. A primary suspect in

Claude or GitHub Copilot: Which Is Best for Your Enterprise?

The current landscape of corporate technology has shifted fundamentally as generative artificial intelligence moves from being a speculative novelty to a central pillar of global production infrastructure. Today’s enterprises are no longer merely experimenting with automation or basic chatbots; they are actively integrating sophisticated “smart workers” directly into their most sensitive IT frameworks to maintain a competitive edge. This evolution

How AI Revolutionizes Social Media Analytics in 2026

The rapid integration of generative models into social media infrastructure has fundamentally altered how organizations interpret the chaotic flow of digital information. No longer are marketing professionals forced to manually sift through endless spreadsheets or rely on delayed monthly reports to understand consumer sentiment. Instead, the current technological environment provides a seamless stream of real-time intelligence that identifies shifts in

The Structural Shift Toward Creator Equity in B2B Marketing

The era of the transactional influencer campaign has reached a decisive turning point as sophisticated organizations begin to realize that renting an audience for a few weeks is far less effective than owning a share of the attention economy through permanent equity partnerships. For years, the standard operating procedure for Business-to-Business marketing involved paying flat fees for sponsored posts or

SMBs Must Adopt AI Defense to Match Rapid Cyber Threats

The sophisticated landscape of digital warfare has reached a point where manual intervention is no longer a viable primary defense mechanism for small and medium-sized enterprises. Cybercriminals are currently leveraging advanced automation and generative models to execute reconnaissance that used to take months in a matter of mere hours or even minutes. This shift in the threat actor’s playbook allows