DeepSeek’s AI Security Failures: A Warning for the Future


Welcome to Hacker Hacks, your go-to podcast for the latest in cybersecurity threats, breaches, and cutting-edge hacks. In today’s episode, we uncover major security lapses, from a DOGE advisory board scandal to Russian cybercrime exploiting 7-Zip. We also discuss DeFi heists, Microsoft account takeovers, AMD CPU flaws, and AI security risks. Stay tuned as we break down these high-stakes cyber battles!

Cybersecurity, government experts are aghast at security failures in DOGE takeover

Cybersecurity experts and government officials are alarmed by security lapses linked to Elon Musk’s DOGE advisory board, which gained access to sensitive federal systems. Concerns center on the Treasury's payment system, which manages trillions in government spending, and the Office of Personnel Management’s systems, which contain personal data of millions of federal employees. Musk's team allegedly installed unapproved private servers, violating federal cybersecurity laws and creating vulnerabilities for hackers. The White House claims DOGE’s access is read-only, but a former employee was granted administrative rights. Experts argue this undermines security, potentially exposing data to foreign adversaries and enabling social engineering attacks. Legal experts warn that federal employees allowing such access could face criminal charges. The situation has sparked outrage from lawmakers, with concerns that the administration's actions could destabilize critical federal systems.

Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections

A 7-Zip vulnerability (CVE-2025-0411, CVSS 7.0) was exploited by Russian cybercrime groups to bypass Windows' Mark-of-the-Web protections and deliver SmokeLoader malware. The flaw, patched in 7-Zip version 24.09 (Nov 2024), allowed attackers to evade security checks by double-archiving malicious payloads. Used in spear-phishing campaigns, the exploit targeted Ukrainian government and business entities, with emails spoofing official addresses to trick users into executing disguised malware. Victims included Ukraine’s Ministry of Justice and Kyiv's public services. Attackers used homoglyph tricks to make ZIP files appear as Word documents, ultimately leading to SmokeLoader infections. Users are advised to update 7-Zip, enable email filtering, and block execution of untrusted files. The campaign highlights risks for smaller, less-secure government bodies, often used as entry points for larger cyber operations.

Critical New Microsoft Account Takeover Bypassed Authentication?

Microsoft patched a critical vulnerability (CVE-2025-21396) that could allow attackers to bypass authentication and take over Microsoft Accounts. The flaw, caused by missing authorization (CWE-862), could lead to privilege escalation over a network. However, Microsoft confirmed that the issue has already been fully mitigated at the server level, requiring no user action. The company disclosed the vulnerability as part of its transparency initiative to improve security awareness. No public disclosures or known exploits exist. Given that Microsoft Accounts control access to various services, this fix reinforces trust in Microsoft's authentication security.

DeepSeek’s cybersecurity failures expose a bigger risk. Here’s what we really should be watching.

DeepSeek-R1’s release sparked debates on AI competition, security, and regulation. Despite cybersecurity flaws, major tech firms like Microsoft integrated it securely. DeepSeek’s rise reflects a larger AI trend, with open-source models like Alibaba’s Qwen 2.5 challenging proprietary dominance. While DeepSeek’s security lapses, including leaked chat data and weak guardrails, raise concerns, banning open AI models is impractical. Instead, secure deployment, like Microsoft’s approach, can mitigate risks. The U.S. should focus on AI security frameworks, innovation, and infrastructure rather than restrictive policies to maintain leadership in AI and emerging technologies.

WEF: Supply Chains at Heart of Cybersecurity Threats

The WEF’s Global Cybersecurity Outlook 2025 highlights supply chains as the biggest cybersecurity risk, with 54% of large firms citing it as their main challenge. A lack of visibility into third-party security measures, growing ransomware threats, and AI-enhanced attacks exacerbate vulnerabilities. The 2024 global IT outage, costing $5B, underscored these risks. Governments are tightening regulations, but compliance remains complex. Experts stress the need for proactive risk management, secure software practices, and international collaboration. Resilience requires more than compliance: it demands holistic strategies, accountability, and adaptability to emerging threats.

Google Play, Apple App Store apps caught stealing crypto wallets

A malicious SDK called "SparkCat" has been found in Android and iOS apps on Google Play and the Apple App Store, designed to steal crypto wallet recovery phrases using OCR. The infected apps, unknowingly containing the malware, were downloaded over 242,000 times. The SDK scans images for recovery phrases and uploads data to command servers. Kaspersky identified 18 Android and 10 iOS apps, some still available. Users are advised to uninstall affected apps, run antivirus scans, and avoid storing wallet recovery phrases in screenshots. A factory reset is also recommended for security.

22-year-old math wiz indicted for alleged DeFi hack that stole $65M

Federal prosecutors indicted 22-year-old Andean Medjedovic for allegedly stealing $65 million in cryptocurrency by exploiting vulnerabilities in DeFi platforms KyberSwap and Indexed Finance. Using advanced mathematical techniques, he manipulated KyberSwap’s smart contracts in November 2023, borrowing millions to artificially alter liquidity pool prices, causing a system glitch that allowed him to steal $48.8 million. Medjedovic then allegedly tried to extort KyberSwap developers by offering to return 50% of the stolen funds in exchange for control of the platform. To launder the proceeds, he used blockchain bridge protocols and mixers, but was caught after attempting to pay $80,000 to bypass frozen transactions.

AMD Patches CPU Vulnerability That Could Break Confidential Computing Protections

AMD has patched a CPU vulnerability (CVE-2024-56161, CVSS 7.2) that could compromise Secure Encrypted Virtualization by allowing attackers with local admin access to load malicious microcode. The flaw stems from improper signature verification in AMD’s microcode patch loader, potentially leading to loss of confidentiality and integrity in SEV-SNP-protected environments. Mitigations require BIOS and SEV firmware updates, with verification possible via SEV-SNP attestation reports. Discovered by Google researchers, the bug exploits an insecure hash function in microcode signature validation. AMD issued fixes to OEMs in December, ahead of public disclosure. Additionally, National Taiwan University researchers reported cache-based side-channel attacks against SEV, prompting AMD to advise software security best practices.

That’s a wrap on this episode of Hacker Hacks! From high-profile security breaches to major crypto heists, today’s stories prove that cyber threats are evolving faster than ever. Stay vigilant, update your systems, and always question suspicious links. Don’t forget to subscribe and tune in next time for more breaking cybersecurity news. Until then, stay safe online!



More articles by Arunkumar K.
