New DeepSeek jailbreak discovered as attacks analyzed

Chinese generative artificial intelligence platform DeepSeek was discovered by API security firm Wallarm to be susceptible to a jailbreaking technique that facilitated system prompt extraction, SecurityWeek reports.

Such a jailbreak method involving the exploitation of "bias-based AI response logic" has already been addressed by DeepSeek, according to Wallarm researchers. The development "raises important questions about how AI models are trained, what biases may be inherent in their systems, and whether they operate under specific regulatory constraints — particularly relevant for AI models developed within jurisdictions with stringent content controls," researchers added. Another report by NSFocus revealed that DeepSeek had its chat system targeted by a pair of distributed denial-of-service waves on Jan. 20 and 25 while its API interface had been subjected to a trio of DDoS attack waves between Jan. 25 to 27, with most of the intrusions stemming from U.S.-, UK-, and Australia-based systems. "This highly coordinated and precise attack suggests that the incident was not accidental, but likely a well-planned and organized cyberattack executed by a professional team," said NSFocus, whose findings follow DeepSeek's confirmation of a widespread attack that prompted stoppage of new registrations.