PRESS RELEASE

MONTREAL, January 29, 2025 (Newswire.com) - Flare, the global leader in Threat Exposure Management, has introduced Flare Academy, an educational hub featuring interactive online training offered free-of-charge to cybersecurity professionals.

Led by Flare's team of subject matter experts, Flare Academy offers a variety of online training modules on the latest cybersecurity threats to enhance the education and knowledge of cybersecurity practitioners. These sessions will highlight a variety of important topics, including investigation and intelligence gathering on cybercrime forums, techniques for deanonymizing threat actors, and ransomware analysis and infiltration.

Through interactive training sessions, security professionals can upgrade their skills and knowledge on a variety of cybercrime and cybersecurity topics, and earn CPE credits toward security certifications. And with the Flare Academy Discord Community, members can build relationships with other practitioners for continuous learning and engagement.

"Flare Academy will provide cybersecurity professionals with access to training, collaborative discussions, and cutting-edge resources," said Mathieu Lavoie, CTO & Research Team Lead at Flare. "We've launched this program with the goal of helping to empower security professionals with the training and information they need to stay ahead of threats and build a stronger, safer digital world."

A number of training modules are currently available for registration, including:

For more information about Flare Academy, and to register for upcoming modules, visit https://flare.io/trainings/.

About Flare

Flare is the leader in Threat Exposure Management, helping organizations of all sizes detect high-risk exposure found on the clear and dark web. Combining the industry's best cybercrime database with an incredibly intuitive user experience, Flare enables customers to reclaim the information advantage and get ahead of threat actors. For more information, visit https://flare.io.

You May Also Like

Interactive Online Training for Cybersecurity Professionals; Earn CPE Credits

Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them.

Source: ifeelstock via Alamy Stock Photo

Researchers have found malicious DeepSeek-impersonating packages planted in the Python Package Index (PyPi); the code is actually loaded with infostealers. Experts warn that's probably not the only platform loaded with fake, malicious DeepSeek packages, and that developers should proceed with care.

Researchers with Positive Technologies discovered the malicious packages, labeled "deepseekai" and "deepseeek," trying to trick developers into thinking they were legit.

"The attack targeted developers, machine learning \[ML\] engineers, and ordinary AI enthusiasts who might be interested in integrating DeepSeek into their systems," the Positive Technologies researchers wrote in an analysis.

The account behind the attack, "bvk," was created in June 2023 and sat dormant until the campaign sprang to life on Jan. 29, according to the report. When executed, the researchers noted both "deepseeek" and "deepseekai" drop infostealers to steal sensitive data, including API keys, database credentials, and permissions.

The malicious PyPi packages have been deleted, but there's evidence they were downloaded 36 times using the pip package manager and the bandersnatch mirroring tool, and 186 times using the browser, the researchers reported.

"Sometimes API keys aren’t leaked, they’re just plain stolen," Tim Erlin, vice president of product at Wallarm says. "This incident is a good example of attackers taking advantage of the prevailing news cycle. Anytime you’re doing something popular, whether clicking on a link or installing a PyPi package, it’s best to approach the task with a healthy dose of skepticism."

Related:'Constitutional Classifiers' Technique Mitigates GenAI Jailbreaks

That mindset can help developers avoid making similar cybersecurity slip-ups, according to Mike McGuire, senior security solutions manager with Black Duck.

"In their eagerness to leverage DeepSeek in their tasks, many developers missed the 'red flag' that they were downloading packages from an account with a limited, poor reputation, and had their environment variables and secrets compromised as a result," McGuire says.

Ironically given how advanced DeepSeek's capabilities are touted to be, the attack itself was a fairly low-tech affair, Michael Lieberman, CTO at Kusari, notes.

"Typosquatting attacks are popular because they work," Kusari points out. "It's easy for a developer to mistype a word or use something with a similar-sounding name and suddenly their application is pulling in malicious code. Popular or trendy technologies are at particular risk since the pool of potential victims is larger."

Related:DeepSeek Jailbreak Reveals Its Entire System Prompt

**Adversaries Using AI to Write Code Faster Too**

In a novel twist, the researchers found evidence the threat actors used AI to write the malicious code.

"There are clear indications that the compromised code was written with AI assistance, providing a real-world example of AI being used for malicious intent," Wallarm's Erlin says.

Erlin adds that developers should expect similar malicious packages to be scattered among various platforms.

"Developers, with malintent or not, are heavily invested in using AI to be more efficient." he adds. "AI lets developers write more code, faster. We should expect to see the volume of malicious code expand at the same rate as code in general."

To protect their environments from these threats, Raj Mallempati, CEO of BlueFlag Security, says developers need to implement strong security practices throughout the software development lifecycle (SDLC). That means using software composition analysis (SCA) tools, as well as automated vulnerability scanning, limiting the use of unverified packages in developer environments, and threat intelligence monitoring.

"This recent incident underscores the need for developers to specifically protect against threats like OSS typosquatting," Mallempati explains. "Double checking package names and verifying package sources that come from DeepSeek will be key here. As well, developers should enable dependency scanning tools like Github dependabot to ensure they are not downloading malicious packages."

Related:Code-Scanning Tool's License at Heart of Security Breakup

**About the Author**

Dark Reading

Becky Bracken is a veteran multimedia journalist covering cybersecurity for Dark Reading.

AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi

DeepSeek R1, a cost-efficient AI model, achieves impressive reasoning but fails all safety tests in a new study…

DeepSeek R1, a cost-efficient AI model, achieves impressive reasoning but fails all safety tests in a new study by Cisco’s Robust Intelligence. Researchers used algorithmic jailbreaking to demonstrate 100% vulnerability to harmful prompts, raising concerns about its training methods and the need for superior AI security measures.

Chinese start-up DeepSeek has gained attention for introducing large language models (LLMs) with advanced reasoning capabilities and cost-efficient training. Its recent releases DeepSeek R1-Zero and DeepSeek R1 have achieved performance comparable to leading models like OpenAI’s o1 at a fraction of the cost and outperformed Claude 3.5 Sonnet and ChatGPT-4o on tasks like math, coding, and scientific reasoning.

 However, the latest research from Robust Intelligence (now part of Cisco) and the University of Pennsylvania, shared with Hackread.com, reveals critical safety flaws.

Researchers reportedly collaborated to investigate the security of DeepSeek R1, a new reasoning model from the Chinese AI startup DeepSeek. The assessment cost was less than $50 and involved using an algorithmic validation methodology.

The team tested DeepSeek R1, OpenAI’s o1-preview, and other frontier models using an automated jailbreaking algorithm applied to 50 prompts from the HarmBench dataset. These prompts spanned six categories of harmful behaviour, including cybercrime, misinformation, illegal activities, and general harm. 

Their key metric was the Attack Success Rate (ASR), measuring the percentage of prompts that elicited harmful responses. The results were alarming: DeepSeek R1 exhibited a 100% attack success rate, failing to block a single harmful prompt. This contrasts sharply with other leading models, which demonstrated at least some level of resistance to such attacks. 

It is worth noting that researchers used a temperature setting of 0 for reproducibility and verified jailbreaks through automated methods and human oversight. DeepSeek R1’s 100% ASR starkly contrasts with o1, which successfully blocked many adversarial attacks. This suggests that DeepSeek R1 while achieving cost efficiencies in training, has significant trade-offs in safety and security.

Via Cisco’s Robust Intelligence

For your information, DeepSeek’s AI development strategy utilizes three core principles- Chain-of-thought” prompting, reinforcement learning, and distillation, which enhance its LLMs’ reasoning efficiency and self-evaluate reasoning processes.

As per Cisco’s investigation these strategies, while being cost-efficient, may have compromised the models’ safety mechanisms. Compared to other frontier models, DeepSeek R1 appears to lack effective guardrails, making it highly susceptible to algorithmic jailbreaking and potential misuse.  

The research emphasizes the need for rigorous security evaluation in AI development to balance efficiency and reasoning without compromising safety. It also highlights the significance of third-party guardrails for consistent security across AI applications.

Cisco Finds DeepSeek R1 Highly Vulnerable to Harmful Prompts

Dubai UAE, UAE, 3rd February 2025, CyberNewsWire

**Dubai UAE, UAE, February 3rd, 2025, CyberNewsWire**

Artificial Intelligence (AI) is widely recognized for its potential to impact industries and everyday life. Yet, access to AI-driven tools and development has often been confined to tech-savvy enterprises with significant financial resources. Builder.ai, however, is challenging this paradigm by democratizing AI for the next billion users. Its mission is to make AI-driven development accessible and affordable for underrepresented markets and developing countries, fostering innovation and inclusion in a rapidly digitalizing world.

**Bridging the Digital Divide**

In many developing areas, technological progress is hindered by the lack of resources, infrastructure, or expertise. Often, businesses or entrepreneurs in these locations find it tough to get in touch with any advanced tools for constructing software or utilising AI for any application. Builder.ai can bridge this gap by offering software development on a platform that lowers the cost and makes this process easy.

At the heart of the mission of Builder.ai is a belief that innovation should not be limited by geography, budget, or technical know-how. Users can create applications without writing a single line of code on its platform.

By automating much of the development process and using pre-built components, Builder.ai reduces costs and accelerates time-to-market—critical factors for startups and small businesses in resource-constrained environments.

**AI-Powered Accessibility**

Builder.ai’s platform leverages AI to streamline the development journey. From ideation to deployment, AI is at the heart of process optimization, predicting user needs, and delivering customized solutions. For example, its AI assistant, Natasha, assists users in articulating their requirements so that they are clearly stated and there is less chance of error. This is a goldmine for entrepreneurs in developing countries who do not have technical skills but have transformational ideas.

The transparency of pricing on the platform further eliminates barriers. Builder.ai allows users to plan their budgets effectively through upfront cost estimates, thus eliminating the financial unpredictability often associated with traditional software development. This feature is particularly beneficial for small businesses and startups in underrepresented markets, where financial resources are limited.

**Empowering Local Entrepreneurs**

Builder.ai has facilitated the development of many local entrepreneurs. Even small and medium enterprises all around the world that are working as the backbone of economies have at times been hindered due to technology disparities. Builder.ai has helped in alleviating this problem through the provision of a low-cost and user-friendly development platform.

**Supporting Public Sector Initiatives**

The mission of Builder.ai is not only limited to the private sector. In developing countries, governments and non-profit organizations require customized software for health care, education, and public services. However, limited budgets and technical constraints prevent them from implementing such solutions. Builder.ai opens a way out of these difficulties.

**Scaling for the Future**

The more digital adoption accelerates globally, the higher will be the demand for accessible AI-driven tools. Its scalable platform puts Builder.ai in a position to capitalize on that, especially in developing regions where the next wave of digital users will emerge. Its pay-as-you-go model allows businesses to scale their applications as they grow without incurring the usually prohibitive costs.

To supplement this, it emphasizes education and training to create a maximizer out of any user on Builder.ai. Aiding with any knowledge and tools means the company assists in using its platform by such underrepresented-market users, engendering that feel of innovation towards self-reliance.

**Transforming the Global Landscape**

The commitment of Builder.ai towards democratizing AI also means more than technology it depicts a more inclusive and equitable digital landscape. It’s enabling individuals and organizations to realize their potential, irrespective of where they are or how much they have, toward making AI-driven development accessible to the next billion users. Democratization holds far-reaching implications from boosting local economies to battling global challenges through innovative solutions.

Moving ahead with Builder.ai, its footprint on underrepresented markets and developing countries will surely symbolize the future transformation that is technology. Breaks down all barriers and opens opportunities for its customers, creating a better tomorrow by building much-needed software aiming to benefit all human beings.

**About Builder.ai**

Builder.ai is a technology company that makes AI-driven software development accessible and affordable. Its platform enables users to create applications without coding expertise, reducing costs and accelerating digital transformation. By supporting startups, small businesses, and public sector initiatives, Builder.ai fosters innovation in underrepresented markets and developing countries.

For more information, users can visit: https://www.builder.ai/

**Contact**

**Stephanie Lowenthal**  
**Builder.ai**  
**\[email protected\]**

How Builder.ai is Democratizing AI for the Next Billion Users

The ABB Cylon FLXeon BACnet controller is vulnerable to authenticated remote root code execution via the /api/timeConfig endpoint. An attacker with valid credentials can inject arbitrary system commands by manipulating parameters such as tz, timeServerYN, and multiple timeDate fields. The vulnerability exists due to improper input validation in timeConfig.js, where user-supplied data is executed via ChildProcess.exec() without adequate sanitization.

Title: ABB Cylon FLXeon 9.3.4 (timeConfig.js) Authenticated Root Remote Code Execution  
Advisory ID: ZSL-2025-5910  
Type: Local/Remote  
Impact: System Access, DoS  
Risk: (5/5)  
Release Date: 02.02.2025

**Summary**

BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boilers, chillers, cooling towers, heat pump systems, air handling units (constant volume, variable air volume, and multi-zone), rooftop units, electrical systems such as lighting control, variable frequency drives and metering.

The FLXeon Controller Series uses BACnet/IP standards to deliver unprecedented connectivity and open integration for your building automation systems. It's scalable, and modular, allowing you to control a diverse range of HVAC functions.

**Description**

The ABB Cylon FLXeon BACnet controller is vulnerable to authenticated remote root code execution via the /api/timeConfig endpoint. An attacker with valid credentials can inject arbitrary system commands by manipulating parameters such as tz, timeServerYN, and multiple timeDate fields. The vulnerability exists due to improper input validation in timeConfig.js, where user-supplied data is executed via ChildProcess.exec() without adequate sanitization.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

FLXeon Series (FBXi Series, FBTi Series, FBVi Series)  
CBX Series (FLX Series)  
CBT Series  
CBV Series  
Firmware: <=9.3.4

**Tested On**

Linux Kernel 5.4.27  
Linux Kernel 4.15.13  
NodeJS/8.4.0  
Express

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[20.01.2025\] Vendor releases version 9.3.5 to address this issue.  
\[02.02.2025\] Coordinated public security advisory released.

**PoC**

abb\_flxeon\_rce4.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch  
\[2\] https://www.cve.org/CVERecord?id=CVE-2024-48841

**Changelog**

\[02.02.2025\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon FLXeon 9.3.4 (timeConfig.js) Authenticated Root Remote Code Execution

The ABB Cylon FLXeon BACnet controller is vulnerable to an authenticated root command injection. An attacker can exploit the Backup-Restore feature via the /api/upload endpoint to execute arbitrary system commands as root. The issue arises due to improper input validation in upload.js, where user-supplied input is passed to ChildProcess.exec() without adequate sanitization, allowing command injection via the filename parameter.

Title: ABB Cylon FLXeon 9.3.4 (upload.js) Authenticated Root Remote Code Execution  
Advisory ID: ZSL-2025-5909  
Type: Local/Remote  
Impact: System Access, DoS  
Risk: (5/5)  
Release Date: 02.02.2025

**Summary**

BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boilers, chillers, cooling towers, heat pump systems, air handling units (constant volume, variable air volume, and multi-zone), rooftop units, electrical systems such as lighting control, variable frequency drives and metering.

The FLXeon Controller Series uses BACnet/IP standards to deliver unprecedented connectivity and open integration for your building automation systems. It's scalable, and modular, allowing you to control a diverse range of HVAC functions.

**Description**

The ABB Cylon FLXeon BACnet controller is vulnerable to an authenticated root command injection. An attacker can exploit the Backup-Restore feature via the /api/upload endpoint to execute arbitrary system commands as root. The issue arises due to improper input validation in upload.js, where user-supplied input is passed to ChildProcess.exec() without adequate sanitization, allowing command injection via the filename parameter.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

FLXeon Series (FBXi Series, FBTi Series, FBVi Series)  
CBX Series (FLX Series)  
CBT Series  
CBV Series  
Firmware: <=9.3.4

**Tested On**

Linux Kernel 5.4.27  
Linux Kernel 4.15.13  
NodeJS/8.4.0  
Express

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[20.01.2025\] Vendor releases version 9.3.5 to address this issue.  
\[02.02.2025\] Coordinated public security advisory released.

**PoC**

abb\_flxeon\_rce3.txt

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch  
\[2\] https://www.cve.org/CVERecord?id=CVE-2024-48841

**Changelog**

\[02.02.2025\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon FLXeon 9.3.4 (upload.js) Authenticated Root Remote Code Execution

The ABB Cylon FLXeon BAS controller is vulnerable to authenticated root command execution via the cmds API. An authenticated attacker can execute arbitrary system commands with root privileges.

Title: ABB Cylon FLXeon 9.3.4 (cmds.js) Authenticated Root Remote Code Execution  
Advisory ID: ZSL-2025-5908  
Type: Local/Remote  
Impact: System Access, DoS  
Risk: (5/5)  
Release Date: 02.02.2025

**Summary**

BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boilers, chillers, cooling towers, heat pump systems, air handling units (constant volume, variable air volume, and multi-zone), rooftop units, electrical systems such as lighting control, variable frequency drives and metering.

The FLXeon Controller Series uses BACnet/IP standards to deliver unprecedented connectivity and open integration for your building automation systems. It's scalable, and modular, allowing you to control a diverse range of HVAC functions.

**Description**

The ABB Cylon FLXeon BAS controller is vulnerable to authenticated root command execution via the cmds API. An authenticated attacker can execute arbitrary system commands with root privileges.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

FLXeon Series (FBXi Series, FBTi Series, FBVi Series)  
CBX Series (FLX Series)  
CBT Series  
CBV Series  
Firmware: <=9.3.4

**Tested On**

Linux Kernel 5.4.27  
Linux Kernel 4.15.13  
NodeJS/8.4.0  
Express

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[20.01.2025\] Vendor releases version 9.3.5 to address this issue.  
\[02.02.2025\] Coordinated public security advisory released.

**PoC**

cmdsapi.py

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch  
\[2\] https://www.cve.org/CVERecord?id=CVE-2024-48841

**Changelog**

\[02.02.2025\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

ABB Cylon FLXeon 9.3.4 (cmds.js) Authenticated Root Remote Code Execution

WhatsApp recently revealed a targeted spyware campaign linked to the Israeli firm Paragon, which affected 90 individuals, including…

WhatsApp recently revealed a targeted spyware campaign linked to the Israeli firm Paragon, which affected 90 individuals, including journalists and civil society members. The platform confirmed that affected users have been directly notified.

Meta-owned messaging app **WhatsApp** confirmed that it was taking action to stop a spyware attack targeting approximately 90 individuals, including journalists and members of civil society organizations. Those affected have been directly notified about the security breach, however, WhatsApp has not disclosed the location of journalists and civil society members, including if any of them were based in the US.

WhatsApp’s investigation points to Paragon Solutions, an Israeli spyware firm acquired by AE Industrial Partners, as the perpetrator of this attack. Reportedly, the attack vector involved the distribution of malicious PDF files through WhatsApp groups. Experts claim the targeting was a “**zero-click**” attack, requiring no malicious links to be infected. WhatsApp has since released a security update to neutralize this vulnerability.  

This campaign was also independently observed and is under investigation by John Scott-Railton, a senior researcher at The Citizen Lab, as he noted in a post on X (formerly Twitter). 

> NEW: @WhatsApp says Israeli mercenary spyware company #Paragon targeted scores of users around world.
> 
> The infection happened with no interaction. No link to click or attachment to open.
> 
> This is called a "zero-click" attack.
> 
> WA says targets included journalists & members of… pic.twitter.com/TekGNMdkoF
> 
> — John Scott-Railton (@jsrailton) February 1, 2025

WhatsApp believes the campaign occurred in December and has issued a cease and desist letter to Paragon. Since its inception in 2019, Paragon has maintained a low profile and has been embroiled in a hacking controversy for the first time, unlike other spyware makers like Intellexa and NSO Group, which have faced U.S. government sanctions and blocklists.

 However, the company has been under scrutiny following Wired Magazine’s October **report** of the company signing a $2m contract with the US Immigration and Customs Enforcement’s homeland security investigations division.

This action follows WhatsApp’s successful legal challenge against NSO Group, another Israeli spyware firm, as **reported** by Hackread.com.  In that case, the NSO Group was found liable for exploiting a WhatsApp vulnerability to deploy its Pegasus spyware on at least 1,400 devices, targeting journalists, activists, and government officials. Hackread.com had **previously reported** that WhatsApp discovered the vulnerability exploited in this attack in May 2019.

The recent Paragon campaign targeted individuals across over two dozen countries, particularly in Europe, with the Italian news outlet fanpage.it confirming it was among those targeted. WhatsApp collaborated with The Citizen Lab, a research group based at the University of Toronto, on its investigation. 

According to Scott-Railton, the targeting of journalists and civil society is a systemic issue within the commercial spyware industry, not an isolated incident.  He also highlighted the potential risk to government personnel from such attacks.  

Paragon and AE Industrial Partners have yet to respond to this news.

WhatsApp’s previous legal victory against NSO Group and its ongoing efforts against Paragon demonstrate its commitment to challenging the spyware industry and protecting user privacy.

“This is the latest example of why spyware companies must be held accountable for their unlawful actions. WhatsApp will continue to protect people’s ability to communicate privately,” WhatsApp’s spokesperson stated.

Israeli Spyware Firm Paragon Linked to WhatsApp Zero-Click Attack

Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI.

Source: mundissima via Alamy Stock Photo

Researchers have tricked DeepSeek, the Chinese generative AI (GenAI) that debuted earlier this month to a whirlwind of publicity and user adoption, into revealing the instructions that define how it operates.

DeepSeek, the new "it girl" in GenAI, was trained at a fractional cost of existing offerings, and as such has sparked competitive alarm across Silicon Valley. This has led to claims of intellectual property theft from OpenAI, and the loss of billions in market cap for AI chipmaker Nvidia. Naturally, security researchers have begun scrutinizing DeepSeek as well, analyzing if what's under the hood is beneficent or evil, or a mix of both. And analysts at Wallarm just made significant progress on this front by jailbreaking it.

In the process, they revealed its entire system prompt, i.e., a hidden set of instructions, written in plain language, that dictates the behavior and limitations of an AI system. They also may have induced DeepSeek to admit to rumors that it was trained using technology developed by OpenAI.

**DeepSeek's System Prompt**

Wallarm informed DeepSeek about its jailbreak, and DeepSeek has since fixed the issue. For fear that the same tricks might work against other popular large language models (LLMs), however, the researchers have chosen to keep the technical details under wraps.

Related:Code-Scanning Tool's License at Heart of Security Breakup

"It definitely required some coding, but it's not like an exploit where you send a bunch of binary data \[in the form of a\] virus, and then it's hacked," explains Ivan Novikov, CEO of Wallarm. "Essentially, we kind of convinced the model to respond \[to prompts with certain biases\], and because of that, the model breaks some kinds of internal controls."

By breaking its controls, the researchers were able to extract DeepSeek's entire system prompt, word for word. And for a sense of how its character compares to other popular models, it fed that text into OpenAI's GPT-4o and asked it to do a comparison. Overall, GPT-4o claimed to be less restrictive and more creative when it comes to potentially sensitive content.

"OpenAI's prompt allows more critical thinking, open discussion, and nuanced debate while still ensuring user safety," the chatbot claimed, where "DeepSeek’s prompt is likely more rigid, avoids controversial discussions, and emphasizes neutrality to the point of censorship."

While the researchers were poking around in its kishkes, they also came across one other interesting discovery. In its jailbroken state, the model seemed to indicate that it may have received transferred knowledge from OpenAI models. The researchers made note of this finding, but stopped short of labeling it any kind of proof of IP theft.

Related:OAuth Flaw Exposed Millions of Airline Users to Account Takeovers

"\[We were\] not retraining or poisoning its answers — this is what we got from a very plain response after the jailbreak. However, the fact of the jailbreak itself doesn't definitely give us enough of an indication that it's ground truth," Novikov cautions. This subject has been particularly sensitive ever since Jan. 29, when OpenAI — which trained its models on unlicensed, copyrighted data from around the Web — made the aforementioned claim that DeepSeek used OpenAI technology to train its own models without permission.

Source: Wallarm

**DeepSeek's Week to Remember**

DeepSeek has had a whirlwind ride since its worldwide release on Jan. 15. In two weeks on the market, it reached 2 million downloads. Its popularity, capabilities, and low cost of development triggered a conniption in Silicon Valley, and panic on Wall Street. It contributed to a 3.4% drop in the Nasdaq Composite on Jan. 27, led by a $600 billion wipeout in Nvidia stock — the largest single-day decline for any company in market history.

Then, right on cue, given its suddenly high profile, DeepSeek suffered a wave of distributed denial of service (DDoS) traffic. Chinese cybersecurity firm XLab found that the attacks began back on Jan. 3, and originated from thousands of IP addresses spread across the US, Singapore, the Netherlands, Germany, and China itself. 

Related:Spectral Capital Files Quantum Cybersecurity Patent

An anonymous expert told the Global Times when they began that "at first, the attacks were SSDP and NTP reflection amplification attacks. On Tuesday, a large number of HTTP proxy attacks were added. Then early this morning, botnets were observed to have joined the fray. This means that the attacks on DeepSeek have been escalating, with an increasing variety of methods, making defense increasingly difficult and the security challenges faced by DeepSeek more severe."

To stem the tide, the company put a temporary hold on new accounts registered without a Chinese phone number.

On Jan. 28, while fending off cyberattacks, the company released an upgraded Pro version of its AI model. The following day, Wiz researchers discovered a DeepSeek database exposing chat histories, secret keys, application programming interface (API) secrets, and more on the open Web.

Elsewhere on Jan. 31, Enkyrpt AI published findings that reveal deeper, meaningful issues with DeepSeek's outputs. Following its testing, it deemed the Chinese chatbot three times more biased than Claud-3 Opus, four times more toxic than GPT-4o, and 11 times as likely to generate harmful outputs as OpenAI's O1. It's also more inclined than most to generate insecure code, and produce dangerous information pertaining to chemical, biological, radiological, and nuclear agents.

Yet despite its shortcomings, "It's an engineering marvel to me, personally," says Sahil Agarwal, CEO of Enkrypt AI. "I think the fact that it's open source also speaks highly. They want the community to contribute, and be able to utilize these innovations. I think that's why a lot of closed-source model providers are sort of scared."

He adds, too, that "there are other models that are worse than DeepSeek. It's just that DeepSeek is so much in the news, so it has a lot of eyes on it."

**About the Author**

Nate Nelson is a writer based in New York City. He formerly worked as a reporter at Threatpost, and wrote "Malicious Life," an award-winning Top 20 tech podcast on Apple and Spotify. Outside of Dark Reading, he also co-hosts "The Industrial Security Podcast."

DeepSeek Jailbreak Reveals Its Entire System Prompt

The ABB Cylon FLXeon (BACnet) controller suffers from an unauthenticated remote code execution vulnerability with root privileges. Input passed through the login.js script for the password JSON parameter allows out-of-band command injection.

Title: ABB Cylon FLXeon 9.3.4 (login.js) Unauthenticated Root Remote Code Execution  
Advisory ID: ZSL-2025-5907  
Type: Local/Remote  
Impact: System Access, DoS  
Risk: (5/5)  
Release Date: 31.01.2025

**Summary**

BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boilers, chillers, cooling towers, heat pump systems, air handling units (constant volume, variable air volume, and multi-zone), rooftop units, electrical systems such as lighting control, variable frequency drives and metering.

The FLXeon Controller Series uses BACnet/IP standards to deliver unprecedented connectivity and open integration for your building automation systems. It's scalable, and modular, allowing you to control a diverse range of HVAC functions.

**Description**

The ABB Cylon FLXeon (BACnet) controller suffers from an unauthenticated remote code execution vulnerability with root privileges. Input passed through the login.js script for the password JSON parameter allows out-of-band command injection.

**Vendor**

ABB Ltd. - https://www.global.abb

**Affected Version**

FLXeon Series (FBXi Series, FBTi Series, FBVi Series)  
CBX Series (FLX Series)  
CBT Series  
CBV Series  
Firmware: <=9.3.4

**Tested On**

Linux Kernel 5.4.27  
Linux Kernel 4.15.13  
NodeJS/8.4.0  
Express

**Vendor Status**

\[21.04.2024\] Vulnerability discovered.  
\[22.04.2024\] Vendor contacted.  
\[22.04.2024\] Vendor responds.  
\[02.05.2024\] Working with the vendor.  
\[20.01.2025\] Vendor releases version 9.3.5 to address this issue.  
\[31.01.2025\] Coordinated public security advisory released.

**PoC**

flxeon.py

**Credits**

Vulnerability discovered by Gjoko Krstic - <gjoko@zeroscience.mk\>

**References**

\[1\] https://search.abb.com/library/Download.aspx?DocumentID=9AKK108470A5684&LanguageCode=en&DocumentPartId=PDF&Action=Launch  
\[2\] https://library.e.abb.com/public/ABB\_Cylon\_Bulletin\_0546\_FBVi\_FBTi\_FBXi\_CBXi\_Firmware\_v9.3.5.pdf  
\[3\] https://www.cve.org/CVERecord?id=CVE-2024-48841

**Changelog**

\[31.01.2025\] - Initial release

**Contact**

Zero Science Lab

Web: https://www.zeroscience.mk  
e-mail: lab@zeroscience.mk

Tag

#intel