Weekly News Digest 10-16 February
Welcome to this week’s edition of the AKAT Weekly Cyber Security News Digest, your source for the latest in cybersecurity. Stay informed and empowered in the ever-evolving world of cybersecurity!
DeepSeek iOS app transmits sensitive data unencrypted
DeepSeek’s mobile app for Apple iOS devices is riddled with security issues, the most serious of which is the sending of sensitive user and device data over the internet without encryption.
According to a report by NowSecure researchers, the app sends “mobile app registration and device data over the internet without encryption. This exposes any data in the internet traffic to both passive and active attacks.”
The researchers also found several implementation weaknesses when it comes to applying encryption on user data, including the use of an insecure symmetric encryption algorithm (3DES), a hardcoded encryption key, and the reuse of initialization vectors.
“The DeepSeek iOS app globally disables App Transport Security (ATS) which is an iOS platform level protection that prevents sensitive data from being sent over unencrypted channels,” NowSecure said. “Since this protection is disabled, the app can (and does) send unencrypted data over the internet.”
In addition, the data is sent to servers managed by a cloud compute and storage platform (Volcano Engine) owned by ByteDance, the Chinese company that also operates TikTok. DeepSeek’s link to ByteDance will only serve to make already suspicious U.S. regulators even more wary of the AI newcomer.
LLM hijackers quick to incorporate DeepSeek API keys
So-called LLMjacking operations got hold of stolen DeepSeek API keys just weeks after the company publicly released its generative AI platform.
LLMjacking involves the illicit use of large language models (LLMs) from OpenAI, Anthropic, etc., to generate images, circumvent national bans, and more, while passing the bill along to someone else.
According to a report by Sysdig researchers, just days after DeepSeek released its DeepSeek-V3 model on December 26, LLMjackers had obtained access. Then, when DeepSeek-R1 was released on January 20, the hackers gained access the following day.
“This isn’t just a fad anymore,” Sysdig cybersecurity strategist Crystal Morin says of LLMjacking. “This is far beyond where it was when we first discovered it last May.”
LLM usage can incur significant costs. For instance, according to Sysdig’s rough calculations, 24/7 usage of GPT-4 could cost an account holder upwards of half a million dollars. This has, according to Sysdig, resulted in a rise in the monetization of LLMjacking where LLM access is being sold through OpenAI Reverse Proxies (ORPs). Access to LLMs in these cases can be obtained for as little as $30 per month.
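Because the cost of a hijacked key shows up first as abnormal consumption, the owner's best early warning is per-key usage monitoring. The following added detection script (not Sysdig's tooling; the gateway log format, key ids and thresholds are constructed assumptions) flags keys whose hourly token spend or spread of client addresses breaks their expected profile:

```python
"""Flag LLM API keys whose usage pattern suggests LLMjacking.

Added example, not Sysdig's tooling. Input is a constructed API-gateway log:
one request per line as "timestamp key_id total_tokens client_ip". A key is
flagged when its tokens in one hour exceed a budget or when it is used from
more distinct client addresses than a legitimate integration would use.
"""
from collections import defaultdict
from datetime import datetime

# Constructed sample: keyA behaves normally; keyB bursts from many addresses.
LOG_LINES = """\
2025-02-10T09:00:12Z keyA 1200 198.51.100.7
2025-02-10T09:05:40Z keyA 900 198.51.100.7
2025-02-10T09:07:01Z keyB 800 203.0.113.5
2025-02-10T09:08:13Z keyB 60000 203.0.113.9
2025-02-10T09:08:20Z keyB 58000 203.0.113.10
2025-02-10T09:08:31Z keyB 61000 203.0.113.11
2025-02-10T09:09:02Z keyB 59500 203.0.113.12
"""

def parse_line(line: str):
    """Split one log line into (datetime, key_id, tokens, client_ip)."""
    ts, key, tokens, ip = line.split()
    return datetime.fromisoformat(ts.replace("Z", "+00:00")), key, int(tokens), ip

def detect_llmjacking(log: str, hourly_token_budget: int = 50_000,
                      max_ips_per_hour: int = 3) -> list:
    """Return sorted (key, hour, reason) alerts for suspicious keys."""
    tokens = defaultdict(int)   # (key, hour) -> tokens consumed
    ips = defaultdict(set)      # (key, hour) -> distinct client addresses
    for raw in log.strip().splitlines():
        ts, key, n, ip = parse_line(raw)
        hour = ts.replace(minute=0, second=0, microsecond=0).isoformat()
        tokens[key, hour] += n
        ips[key, hour].add(ip)
    alerts = []
    for (key, hour), total in tokens.items():
        if total > hourly_token_budget:
            alerts.append((key, hour, f"{total} tokens exceeds budget of {hourly_token_budget}"))
        seen = len(ips[key, hour])
        if seen > max_ips_per_hour:
            alerts.append((key, hour, f"used from {seen} distinct client addresses"))
    return sorted(alerts)
```

The two thresholds are assumptions; in practice set them from each key's observed baseline and pair the alert with key rotation.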
Apple patches zero-day exploited in “extremely sophisticated” attacks
Apple has issued emergency updates to address a zero-day vulnerability exploited in attacks it said were targeted and “extremely sophisticated”.
“A physical attack may disable USB Restricted Mode on a locked device,” the company stated in an advisory for iPhone and iPad users. “Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.”
USB Restricted Mode prevents an Apple iOS and iPadOS device from communicating with a connected accessory if it has not been unlocked and connected to an accessory within the past hour.
The vulnerability (CVE-2025-24200) is described as an authorization issue. No further details are available currently.
The update is available for the following devices and operating systems:
- iOS 18.3.1 and iPadOS 18.3.1 – iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later
- iPadOS 17.7.5 – iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation
Cyberattack disrupts operations of U.S. newspaper giant
Lee Enterprises, one of the largest newspaper groups in the U.S., has had its operations impacted by a cyberattack that began on February 3.
Newsrooms owned by Lee Enterprises said the cyberattack forced the company to shut down many of its networks, disrupting the printing and delivery of dozens of newspapers. VPNs used to connect securely to the network of the newspaper group were also reportedly not working, with reporters and editors unable to access their files.
Lee Enterprises did not comment on what type of cyberattack the company had been subjected to, or if ransomware was involved. “Our technology response team has been working with third-party specialists to fully restore our systems and investigate the nature of these disruptions,” the company said in a statement. “We are working to complete this investigation as quickly and thoroughly as possible, but these types of investigations are complex and time-consuming, with many taking several weeks or longer to complete.”
The newspaper conglomerate publishes 77 daily newspapers and 350 weekly and specialty publications in 26 states, with a portfolio that includes well-known titles such as the St. Louis Post-Dispatch and the Arizona Daily Star.
China-linked espionage tools used in ransomware attacks
Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company.
According to new research from Symantec’s Threat Hunter Team, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks.
In all the prior intrusions involving the toolset, the attacker appeared to be engaged in classic espionage, seemingly solely interested in maintaining a persistent presence on the targeted organizations by installing backdoors. Previous targets included governments in two different European countries, two governments in Southeast Asia, and an Asian telecoms operator. No ransomware was deployed in these attacks and information gathering appeared to be the primary goal.
It is unclear why an actor who appears to be linked to espionage operations is also mounting a ransomware attack. The most likely scenario is that an actor, possibly one individual, was attempting to make some money on the side using their employer’s toolkit.
Sarcoma ransomware gang claims attack against Taiwanese circuit board maker Unimicron
A relatively new ransomware operation called Sarcoma has claimed responsibility for an attack against Taiwanese circuit board maker Unimicron.
Unimicron is one of the world’s largest manufacturers of printed circuit boards (PCBs), with plants and service centers in Taiwan, China, Germany, and Japan. Its products are extensively used in LCD monitors, computers, smartphones, and more. The company disclosed in a bulletin published in the Taiwan Stock Exchange (TWSE) portal that on February 1 it suffered disruption from a ransomware attack that impacted its China-based subsidiary Unimicron Technology (Shenzhen) Corp.
Unimicron did not acknowledge a data breach as part of the incident at that time, but Sarcoma has now published samples of files allegedly stolen from the company’s systems on its leaks site and has said it will leak everything next week if a ransom is not paid. Sarcoma claims to be holding 377 GB of SQL files and documents exfiltrated from the Taiwanese company.
Sarcoma first appeared in October 2024 and claimed 36 victims in its first month of operation. The attackers using the ransomware have used both phishing attacks and software supply chain compromise to gain access to victim networks.
Researchers bypass patch for NVIDIA Container Toolkit vulnerability
Researchers have found a way to bypass a patch for a vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and access the underlying host.
The new vulnerability (CVE-2025-23359 – CVSS score: 8.3) affects the following products:
- NVIDIA Container Toolkit (all versions up to and including 1.17.3) – fixed in version 1.17.4
- NVIDIA GPU Operator (all versions up to and including 24.9.1) – fixed in version 24.9.2
“NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Use (TOCTOU) vulnerability when used with default configuration, where a crafted container image could gain access to the host file system,” NVIDIA said in an advisory. “A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.”
CVE-2025-23359 is a bypass for another vulnerability (CVE-2024-0132 – CVSS score: 9.0) that was addressed by NVIDIA in September 2024.
File paths used during mount operations can be manipulated using a symbolic link, making it possible to mount from outside the container into a path within “/usr/lib64”. Although the host file-system access gained through the container escape is read-only, this limitation can be circumvented by interacting with Unix sockets to spawn new privileged containers and gain unrestricted access to the file system. “This elevated level of access also allowed us to monitor network traffic, debug active processes, and perform a range of other host-level operations,” the researchers said.
NVIDIA Container Toolkit users are advised to update to the latest version as soon as possible and not to disable the “--no-cntlibs” flag in production environments.
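The bug class above is a mount destination that follows a symlink out of the container. The following added example (not NVIDIA's toolkit code; the rootfs, honest file and escaping symlink are constructed in a temporary directory) shows the defensive check a runtime needs: resolve the container-side path once, reject it if it leaves the rootfs, and mount only the resolved path so a later symlink swap cannot change the target.

```python
"""Confine a container-side mount path to the container's root filesystem.

Added example, not NVIDIA's toolkit code. It shows the defensive check for the
bug class behind CVE-2025-23359: a path inside the container rootfs that the
runtime will mount into is resolved through every symlink and rejected if the
target lands outside the rootfs. Resolving once and operating only on the
resolved path closes the check-then-use (TOCTOU) window the advisory names.
The rootfs, honest file and escaping symlink are constructed in a temp dir.
"""
import os
import tempfile
from pathlib import Path

class MountPathEscape(Exception):
    """Raised when a requested path resolves outside the permitted root."""

def resolve_within(root: str, requested: str) -> str:
    """Return the real path of `requested` under `root`, or raise MountPathEscape."""
    real_root = os.path.realpath(root)
    # Treat the request as rootfs-relative and follow every symlink component.
    candidate = os.path.realpath(os.path.join(real_root, requested.lstrip("/")))
    if os.path.commonpath([real_root, candidate]) != real_root:
        raise MountPathEscape(f"{requested!r} resolves to {candidate!r}, outside {real_root!r}")
    return candidate  # mount using this, never the unresolved request

def demo() -> dict:
    """Exercise the check against a constructed rootfs; returns the verdicts."""
    verdicts = {}
    with tempfile.TemporaryDirectory() as tmp:
        rootfs = Path(tmp, "rootfs")
        (rootfs / "usr" / "lib64").mkdir(parents=True)
        (rootfs / "usr" / "lib64" / "libok.so").write_text("honest library")
        host_file = Path(tmp, "host-only")          # stands in for a host path
        host_file.write_text("must stay on the host")
        (rootfs / "usr" / "lib64" / "escape").symlink_to(host_file)
        verdicts["honest_allowed"] = resolve_within(
            str(rootfs), "/usr/lib64/libok.so").endswith("libok.so")
        try:
            resolve_within(str(rootfs), "/usr/lib64/escape")
            verdicts["escape_blocked"] = False
        except MountPathEscape:
            verdicts["escape_blocked"] = True
    return verdicts
```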
Intel, AMD issue patches for multiple vulnerabilities
Intel on Tuesday (February 11) published 34 new advisories about recently patched vulnerabilities in its products.
One of the advisories describes Server Board BMC issues that can lead to privilege escalation, information disclosure, and denial of service (DoS). Intel Server Board products are affected by a critical unauthenticated privilege escalation vulnerability introduced by the use of AMI BMC firmware. In addition, Server Board products are impacted by two high-severity privilege escalation issues, and two medium-severity bugs that can allow DoS attacks and information disclosure.
The advisories also detail high-severity vulnerabilities in Driver Support Assistant (privilege escalation), processor UEFI firmware (privilege escalation and information disclosure), QuickAssist (privilege escalation), chipset firmware (DoS), System Security Report and System Resource Defense (privilege escalation), Battery Life Diagnostic Tool (privilege escalation), PROSet/Wireless WiFi and Killer WiFi (DoS), Graphics software (privilege escalation), and Memory Latency Checker (DoS).
Meanwhile, AMD released 11 new advisories on issues affecting its products. The vulnerabilities patched by the company in February affect server, client, and embedded processors and include several high-severity flaws that attackers may be able to exploit for arbitrary code execution; these are caused by improper input validation in the SMM (System Management Mode) handler. AMD also published two separate advisories addressing other high-severity issues related to SMM.
AMD also addressed high-severity graphics driver and GPU flaws, many of which could lead to DoS or data corruption. The company also warned of DLL hijacking vulnerabilities in AMD Integrated Management Technology (AIM-T) and Ryzen Master Utility that could allow privilege escalation and code execution. In addition, a high-severity bug in the AMD Desktop and mobile Architecture for System Hardware (DASH) command line interface could allow arbitrary code execution.
Sources:
1. NowSecure Uncovers Multiple Security and Privacy Flaws in DeepSeek iOS Mobile App | NowSecure
2. LLMjacking targets DeepSeek | Sysdig
3. Apple fixes iPhone and iPad bug used in an ‘extremely sophisticated attack’ | TechCrunch; About the security content of iOS 18.3.1 and iPadOS 18.3.1 | Apple Support; About the security content of iPadOS 17.7.5 | Apple Support
4. Cyberattack disrupts Lee newspapers’ operations across the US
5. China-linked Espionage Tools Used in Ransomware Attacks | Symantec Enterprise Blogs
6. Sarcoma ransomware claims breach at giant PCB maker Unimicron; Today’s Information
7. NVIDIA AI vulnerability: Deep Dive into CVE 2024-0132 | Wiz Blog; Security Bulletin: NVIDIA Container Toolkit – 11 February 2025 | NVIDIA
8. Security Center