Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

DeepSeek-R1 produces less secure code when prompts contain politically sensitive topics

Technical Analysis
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

DeepSeek-R1 is generating less secure code when prompts include politically sensitive topics, raising the risk of severe vulnerabilities in AI-assisted development. In testing, the rate of severe flaws climbed from 19% at baseline to 27.2% under a Tibet-linked prompt, and the likelihood of severe vulnerabilities was reported to rise by up to 50%. The pattern matters because the model can still produce plausible-looking code while omitting authentication, session management, or secure handling of secrets. The findings suggest prompt content can materially change the security quality of generated code.

Related Happenings

OpenNDS zero-day vulnerabilities (multiple vulnerabilities)

Vulnerability
First: 17.04.2026 16:20 Last: 17.04.2026 16:20 Sources 1

About this happening: Researchers uncovered **four new zero-day vulnerabilities** in **OpenNDS**, creating unknown-risk exposure in a **widely deployed** software component. The flaws were found using...

Open Happening

OpenAI ChatGPT security update for prompt exfiltration flaw

Security Patch Release
First: 31.03.2026 16:01 Last: 31.03.2026 16:01 Sources 1

About this happening: OpenAI deployed a **security update** for **ChatGPT** on **February 20**, closing a flaw that could let a **single malicious prompt** covertly exfiltrate **prompts, messages, uplo...

Open Happening

Anthropic Claude Code code injection and API key disclosure flaws (multiple vulnerabilities)

Vulnerability
First: 25.02.2026 19:00 Last: 25.02.2026 19:00 Sources 1

About this happening: **Anthropic's Claude Code** has multiple disclosed flaws that can enable **remote code execution** and **API key theft** when developers open **untrusted repositories**. The issue...

Open Happening

Anthropic launches Claude Opus 4.6 with code review and vulnerability-finding capabilities

Security Tool/Service
First: 06.02.2026 07:49 Last: 06.02.2026 07:49 Sources 1

About this happening: **Anthropic** launched **Claude Opus 4.6** with stronger **code review** and **debugging** support, and the model has already been used to uncover **more than 500** previously unk...

Open Happening

Whisper Leak side-channel analysis on streaming LLM traffic

Technical Analysis
First: 08.11.2025 16:29 Last: 08.11.2025 16:29 Sources 1

About this happening: Microsoft disclosed **Whisper Leak**, a side-channel attack that can infer **sensitive prompt topics** from **encrypted TLS traffic** in **streaming LLM conversations**, weakening...

Open Happening

Timeline

  1. 24.11.2025 13:07 2 articles · 6mo ago

    DeepSeek-R1 analysis links sensitive prompts to weaker code

    Technical Analysis Update

    CrowdStrike's analysis found that DeepSeek-R1, a DeepSeek coding and reasoning model, generated less secure code when prompts included politically sensitive topics such as Tibet, Uyghurs, and Falun Gong. The company reported a 19% baseline rate of vulnerable output without trigger words, rising to 27.2% under a Tibet-linked prompt and up to a 50% increase in severe-vulnerability likelihood in some tests. Example outputs for a PayPal webhook handler in PHP and an Android sign-in app for a Uyghur community service included hard-coded secrets, missing authentication and session management, insecure or absent hashing, and other security flaws.

    Show sources
    Open in new tab