New AI Security Flaws Exposed in DeepSeek and Claude AI by Researcher

The rapid advancement of artificial intelligence technologies in recent years has revolutionized numerous sectors, introducing unprecedented capabilities and efficiencies. However, with these advancements come new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger uncovered significant security flaws in AIs such as DeepSeek and Claude AI, which have profound implications for user safety and data integrity. These discoveries highlight the urgent need for developers and AI application designers to adopt stringent security measures to protect against sophisticated cyber threats.

Prompt Injection Vulnerabilities in DeepSeek

Exploiting XSS Vulnerabilities

Rehberger’s findings on DeepSeek AI chatbot revealed a serious security flaw that allowed attackers to hijack user accounts using a cross-site scripting (XSS) vulnerability through a prompt injection attack. By crafting a specific prompt, malicious actors could cause DeepSeek to execute JavaScript code. This code then extracted the victim’s session token stored in localStorage, enabling the attackers to take over the user’s account. The exploit was particularly insidious because it leveraged the chatbot’s ability to execute arbitrary commands, making it a potent tool in the hands of cybercriminals.

The implications of such vulnerabilities are far-reaching, given that user accounts often contain sensitive information and access privileges. This type of attack could lead to data breaches, unauthorized transactions, and significant damage to the affected individuals and organizations. Although the specific flaw identified in DeepSeek has since been addressed, the incident underscores the potential dangers posed by LLMs in uncontrolled environments. Developers must be vigilant in identifying and mitigating such vulnerabilities to prevent malicious exploitation.

Handling Unauthorized Code Execution

In addition to the account takeover vulnerability, prompt injections in large language models (LLMs) pose a broader risk of unauthorized code execution. Attackers can engineer prompts that cause these models to include harmful, arbitrary data in their output, which can then be executed in system terminals. This particular attack method is termed Terminal DiLLMa, a nod to the unexpected and potentially disastrous outcomes it can produce. The nature of this threat requires developers to exercise extreme caution in validating and sanitizing inputs to ensure that their systems do not inadvertently execute dangerous code.

Furthermore, the ability of LLMs to execute unauthorized code highlights a fundamental challenge in AI implementation: balancing powerful capabilities with robust security measures. Given the increasing adoption of AI technologies across various industries, the potential for misuse is growing. The industry must prioritize developing comprehensive security protocols and best practices to safeguard AI deployments from such sophisticated attacks.

Vulnerabilities in Claude AI

ZombAIs and Command Execution

Rehberger’s research extended beyond DeepSeek, uncovering significant vulnerabilities in Anthropic’s Claude AI, a tool designed to autonomously control computer functions. By manipulating Claude AI through prompt injections, he demonstrated that attackers could execute malicious commands, including downloading and running the Sliver command-and-control (C2) framework. This method of exploitation, referred to as ZombAIs, capitalizes on the AI’s inherent capabilities to manipulate system-level actions without proper oversight or security controls.

The ability to execute command-and-control frameworks poses a severe risk, as it can lead to the complete compromise of a targeted system. Attackers could leverage this access to install malware, exfiltrate sensitive information, or disrupt operations. Addressing this vulnerability requires not only technical solutions but also a strategic rethinking of how autonomous AIs are integrated into critical systems. Ensuring that these tools have robust security measures and access controls is essential to prevent unauthorized command execution.

Broader Implications for AI Security

The vulnerabilities in Claude AI, combined with those found in DeepSeek, illustrate a broader issue within the AI community: the need for comprehensive security strategies that address the unique risks posed by advanced AIs. As these tools become more sophisticated and integrated into various applications, the potential for abuse and exploitation grows. Researchers, developers, and organizations must collaborate to establish best practices for securing AI systems, including regular security audits, input validation, and robust access controls.

Moreover, the ongoing research and identification of vulnerabilities by experts like Rehberger highlight the importance of a proactive approach to AI security. The ever-evolving threat landscape demands constant vigilance and adaptation to new challenges. By staying ahead of cyber threats and implementing rigorous security measures, the industry can ensure that AI technologies deliver their promised benefits without compromising user safety or data integrity.

Risks in Large Language Models (LLMs)

Misuses of ChatGPT by OpenAI

Further research by academics from the University of Wisconsin-Madison and Washington University in St. Louis revealed additional risks associated with OpenAI’s ChatGPT. They found that prompt injection attacks could trick ChatGPT into rendering external image links disguised as innocuous prompts. This vulnerability could potentially display explicit or violent content, posing significant harm to users. The researchers also noted that such attacks could indirectly trigger ChatGPT plugins without user confirmation, bypassing OpenAI’s defensive constraints against dangerous links and enabling attackers to exfiltrate user chat histories to remote servers.

These findings underscore the complexity of securing large language models, as they often operate in environments where user inputs are unpredictable and diverse. The ability of attackers to manipulate outputs through carefully crafted prompts challenges the notion of AI as inherently secure. Developers must continually enhance their defensive measures and scrutinize the contexts in which these models are deployed to prevent malicious exploitation.

Strengthening Defensive Measures

The rapid advancement of artificial intelligence technologies in recent years has transformed numerous sectors, bringing about unprecedented capabilities and efficiencies. While these advances are promising, they also bring new and evolving security challenges. Recently, cybersecurity researcher Johann Rehberger identified significant security flaws in AI systems such as DeepSeek and Claude AI. These flaws have serious repercussions for user safety and data integrity. Discoveries like these underline the urgent necessity for developers and AI application designers to implement stringent security measures. Sophisticated cyber threats are increasingly exploiting vulnerabilities in AI systems, making it crucial to adopt proactive security strategies. As AI continues to integrate more deeply into our daily lives and critical infrastructures, the importance of robust security protocols cannot be overstated. This requires a concerted effort from the entire tech industry to ensure that AI advancements do not outpace our ability to protect against potential threats. The future of AI depends on balancing innovation with security, ensuring its benefits are not overshadowed by risks.

Explore more

TradFi Integration Fuels Growth for Top Crypto Assets

The seamless migration of global liquidity onto decentralized ledgers has effectively erased the historical distinction between traditional brokerage houses and blockchain-native ecosystems. This fundamental transformation is driven by the aggressive integration of traditional finance into decentralized protocols, a move that provides retail participants with the same sophisticated infrastructure once reserved for high-frequency institutional desks. As major financial gateways finalize their

Tron Leads Market Resilience as Pepeto Presale Surges

While much of the digital asset landscape has spent the early months of this year navigating a brutal 35 percent correction, certain corners of the ecosystem are thriving under pressure. This analysis explores the fascinating divergence between established blockchain giants and emerging market entries that are capturing investor attention during a period of significant volatility. The objective is to examine

What Should You Expect From Galaxy Unpacked 2026?

The technology landscape has shifted dramatically as consumers move away from mere hardware iterations toward deeply integrated artificial intelligence that anticipates user needs before they are explicitly articulated. Samsung’s upcoming Unpacked event is poised to redefine the flagship experience. The Galaxy S26 Ultra is the centerpiece, likely featuring a thinner chassis and a more immersive display. Beyond the phone, the

Frontier AI Governance – Review

The unprecedented acceleration of computational power and the emergence of models capable of autonomous reasoning have pushed the global policy discourse beyond the realm of speculative ethics into the territory of mandatory legal oversight. This current landscape is no longer defined by the simple automation of tasks but by the development of frontier artificial intelligence, representing the absolute peak of

Trend Analysis: High Utility Crypto Presales

The psychological threshold of “extreme fear” has historically served as the definitive starting point for the most aggressive capital appreciation cycles across the decentralized finance sector. While retail sentiment often retreats during these periods of heightened volatility, sophisticated capital pools view such contractions as essential entry points before the next major market expansion. This cyclical behavior is currently manifesting as