{"id":58241,"date":"2025-03-04T00:00:00","date_gmt":"2025-03-04T00:00:00","guid":{"rendered":"urn:uuid:9b08f94f-51e0-28e8-6e1d-f14284041950"},"modified":"2025-03-04T00:00:00","modified_gmt":"2025-03-04T00:00:00","slug":"exploiting-deepseek-r1-breaking-down-chain-of-thought-security","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/","title":{"rendered":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80\"><!-- OneTrust Cookies Consent Notice start for trendmicro.com --><!-- OneTrust Cookies Consent Notice end for trendmicro.com --> <head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\"> <meta name=\"description\" content=\"This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation and sensitive data theft.\"> <meta name=\"robots\" content=\"index,follow\"> <meta name=\"keywords\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"> <meta name=\"template\" content=\"article1withouthero\"> <meta property=\"article:published_time\" content=\"2025-03-04\"> <meta property=\"article:tag\" content=\"cyber risk\"> <meta property=\"article:section\" content=\"research\"> <link rel=\"icon\" type=\"image\/ico\" href=\"\/content\/dam\/trendmicro\/favicon.ico\"> <link rel=\"canonical\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/c\/exploiting-deepseek-r1.html\"> <title>Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security | Trend Micro (US)<\/title> <link href=\"https:\/\/fonts.googleapis.com\/css?family=Open+Sans:300,300i,400,400i,600\" rel=\"stylesheet\">\n<link href=\"\/\/customer.cludo.com\/css\/296\/1798\/cludo-search.min.css\" type=\"text\/css\" rel=\"stylesheet\"> <link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch.min.css\" type=\"text\/css\">\n<link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendmicro\/clientlibs\/trendmicro-core-2\/clientlibs\/header-footer.min.css\" type=\"text\/css\"> <meta property=\"og:url\" content=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/c\/exploiting-deepseek-r1.html\"><br \/>\n<meta property=\"og:title\" content=\" Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security\"><br \/>\n<meta property=\"og:description\" content=\"This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation and sensitive data theft.\"><br \/>\n<meta property=\"og:site_name\" content=\"Trend Micro\"><br \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/deepseek-cot-976.png\"><br \/>\n<meta property=\"og:locale\" content=\"en_US\"> <meta name=\"twitter:card\" content=\"summary_large_image\"><br \/>\n<meta name=\"twitter:site\" content=\"@TrendMicro\"><br \/>\n<meta name=\"twitter:title\" content=\" Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security\"><br \/>\n<meta name=\"twitter:description\" content=\"This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation and sensitive data theft.\"><br \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/25\/deepseek-cot-976.png\"> <\/head> <body class=\"articlepage page basicpage context-business\" id=\"readabilityBody\" readability=\"49.796255886069\"> <!-- Page Scroll: Back to Top --> <a id=\"page-scroll\" title=\"VerticalPageScroll\" href=\"javascript:jumpScroll($(this).scrollTop());\"> <span class=\"icon-chevron-up\"><\/span> <\/a> <!-- \/* Data Layers *\/ --> <\/p>\n<div class=\"root responsivegrid\">\n<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12 \">\n<div class=\"articleBodyNoHero aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"research-layout article container\" role=\"contentinfo\">\n<article class=\"research-layout--wrapper row\" data-article-pageid=\"1274043594\">\n<div class=\"col-xs-12 col-md-12 one-column\">\n<div class=\"col-xs-12 col-md-12\" readability=\"9.5\">\n<div class=\"article-details\" role=\"heading\" readability=\"39\"> <span class=\"article-details__bar\" role=\"img\"><\/span> <\/p>\n<p class=\"article-details__display-tag\">Cyber Risk<\/p>\n<p class=\"article-details__description\">This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation, and sensitive data theft. <\/p>\n<p class=\"article-details__author-by\">By: Trent Holmes, Willem Gooderham <time class=\"article-details__date\">March 04, 2025<\/time> <span>Read time:&nbsp;<\/span><span class=\"eta\"><\/span> (<span class=\"words\"><\/span> words) <\/p>\n<div class=\"article-details__icons\"> <!--Add This--> <\/p>\n<div class=\"a2a_kit a2a_default_style\" data-a2a-icon-color=\"#717172\"> <a class=\"a2a_dd addthis_link\" href=\"https:\/\/www.addtoany.com\/share\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/share-more.svg\" class=\"svg-icon\" alt=\"Share\"> <\/a> <a class=\"a2a_button_print addthis_link\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch\/resources\/img\/printer.svg\" class=\"svg-icon\" alt=\"Print\"> <\/a> <\/div>\n<p> <!--Add to Folio--> <!--Subscribe--> <\/div>\n<\/div><\/div>\n<\/p><\/div>\n<hr class=\"research-layout-divider\"> <main class=\"main--content col-xs-12 col-lg-8 col-lg-push-2\"> <\/p>\n<div class=\"richText\" readability=\"40.081933842239\">\n<div readability=\"26.395419847328\">\n<ul>\n<li><span class=\"rte-red-bullet\">DeepSeek-R1 uses Chain of Thought (CoT) reasoning, explicitly sharing its step-by-step thought process, which we found was exploitable for prompt attacks.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Prompt attacks can exploit the transparency of CoT reasoning to achieve malicious objectives, similar to phishing tactics, and can vary in impact depending on the context.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">We used tools like NVIDIA\u2019s Garak to test various attack techniques on DeepSeek-R1, where we discovered that insecure output generation and sensitive data theft had higher success rates due to the CoT exposure.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">To mitigate the risk of prompt attacks, it is recommended to filter out&nbsp;&lt;think&gt;&nbsp;tags from LLM responses in chatbot applications and employ red teaming strategies for ongoing vulnerability assessments and defenses.<\/span><\/li>\n<\/ul>\n<p>Welcome to the inaugural article in a series dedicated to evaluating AI models. In this entry, we\u2019ll examine the release of Deepseek-R1.<\/p>\n<p>The growing usage of chain of thought (CoT) reasoning marks a new era for large language models. CoT reasoning encourages the model to think through its answer before the final response. A distinctive feature of DeepSeek-R1 is its direct sharing of the CoT reasoning. We conducted a series of prompt attacks against the 671-billion-parameter DeepSeek-R1 and found that this information can be exploited to significantly increase attack success rates.<\/p>\n<p><a href=\"https:\/\/arxiv.org\/pdf\/2201.11903\">CoT reasoning<\/a> encourages a model to take a series of intermediate steps before arriving at a final response. This approach has been shown to enhance the performance of large models on math-focused benchmarks, such as the GSM8K dataset for word problems.<\/p>\n<p>CoT has become a cornerstone for state-of-the-art reasoning models, including <a href=\"https:\/\/cdn.openai.com\/o1-system-card.pdf\">OpenAI\u2019s O1<\/a> and <a href=\"https:\/\/cdn.openai.com\/o3-mini-system-card-feb10.pdf\">O3-mini<\/a> plus <a href=\"https:\/\/www.thewirechina.com\/wp-content\/uploads\/2025\/01\/DeepSeek-R1-Document.pdf\">DeepSeek-R1<\/a>, all of which are trained to employ CoT reasoning.<\/p>\n<p>A notable characteristic of the Deepseek-R1 model is that it explicitly shows its reasoning process within the &lt;think&gt; &lt;\/think&gt; tags included in response to a prompt.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"d11bae\" data-modal-title=\"Figure 1. Deepseek-R1 providing its reasoning process\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig1.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig1.png\" alt=\"Figure 1. Deepseek-R1 providing its reasoning process\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 1. Deepseek-R1 providing its reasoning process<\/figcaption><\/div>\n<\/figure><\/div>\n<div>\n<div class=\"richText\" readability=\"30.928251121076\">\n<div readability=\"10.309417040359\">\n<p>A prompt attack is when an attacker crafts and sends prompts to an LLM to achieve a malicious objective. These <a href=\"https:\/\/arxiv.org\/pdf\/2501.07927\">prompt attacks<\/a> can be broken down into two parts, the attack technique, and the attack objective.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"fdc958\" data-modal-title=\"Figure 2. Tricking the LLM into revealing its system prompt\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig2.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig2.png\" alt=\"Figure 2. Tricking the LLM into revealing its system prompt\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 2. Tricking the LLM into revealing its system prompt<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"35\">\n<div readability=\"15\">\n<p>In the example above, the attack is attempting to trick the LLM into revealing its system prompt, which are a set of overall instructions that define how the model should behave. Depending on the system context, the impact of revealing the system prompt can vary. For example, within an agent-based AI system, the attacker can use this technique to discover all the tools available to the agent.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"c75131\" data-modal-title=\"Figure 3. A sample AI model\u2019s system prompt\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig3.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig3.png\" alt=\"Figure 3. A sample AI model\u2019s system prompt\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 3. A sample AI model\u2019s system prompt<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"36.397837837838\">\n<div readability=\"20.114594594595\">\n<p>The process of developing these techniques mirrors that of an attacker searching for ways to trick users into clicking on phishing links. Attackers identify methods that bypass system guardrails and exploit them until defenses catch up\u2014creating an ongoing cycle of adaptation and countermeasures.<\/p>\n<p>Given the expected growth of agent-based AI systems, prompt attack techniques are expected to continue to evolve, posing an increasing risk to organizations. A notable example occurred with Google\u2019s Gemini integrations, where researchers discovered that indirect prompt injection could lead the model to <a href=\"https:\/\/hiddenlayer.com\/innovation-hub\/new-gemini-for-workspace-vulnerability\/\">generate phishing links<\/a>.<\/p>\n<p>We used open-source red team tools such as <a href=\"https:\/\/github.com\/NVIDIA\/garak\">NVIDIA\u2019s Garak<\/a><b> <\/b>\u2014designed to identify vulnerabilities in LLMs by sending automated prompt attacks\u2014along with specially crafted prompt attacks to analyze DeepSeek-R1\u2019s responses to various attack techniques and objectives.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"653eb7\" data-modal-title=\"Figure 4. Attack objectives and the techniques performed against DeepSeek-R1\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig4.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig4.png\" alt=\"Figure 4. Attack objectives and the techniques performed against DeepSeek-R1\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 4. Attack objectives and the techniques performed against DeepSeek-R1<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\">\n<div class=\"responsive-table-wrap\">\n<table cellpadding=\"1\" cellspacing=\"0\" border=\"1\" width=\"100%\" height=\"10%\">\n<tbody readability=\"4\">\n<tr>\n<th scope=\"col\">Name<\/th>\n<th scope=\"col\">OWASP ID<\/th>\n<th scope=\"col\">MITRE ATLAS ID<\/th>\n<\/tr>\n<tr readability=\"4\">\n<td height=\"30\" width=\"291\">Prompt injection<\/td>\n<td width=\"291\">LLM01:2025 \u2013 Prompt Injection<\/td>\n<td width=\"291\">AML.T0051 \u2013 LLM Prompt Injection<\/td>\n<\/tr>\n<tr readability=\"4\">\n<td height=\"30\" width=\"291\">Jailbreak<\/td>\n<td width=\"291\">LLM01:2025 \u2013 Prompt Injection<\/td>\n<td width=\"291\">AML.T0054 \u2013 LLM Jailbreak<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"31.5\">\n<div readability=\"8\">\n<p><sup>Table 1. Attack techniques and their corresponding risk classifications under the OWASP and MITRE ATLAS indices<\/sup><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\">\n<div class=\"responsive-table-wrap\">\n<table cellpadding=\"1\" cellspacing=\"0\" border=\"1\" width=\"100%\" height=\"10%\">\n<tbody readability=\"11\">\n<tr>\n<th scope=\"col\">Name<\/th>\n<th scope=\"col\">OWASP ID<\/th>\n<th scope=\"col\">MITRE ATLAS ID<\/th>\n<\/tr>\n<tr readability=\"4\">\n<td height=\"30\" width=\"291\">Jailbreak<\/td>\n<td width=\"291\">LLM01:2025 \u2013 Prompt Injection<\/td>\n<td width=\"291\">AML.T0054 \u2013 LLM Jailbreak<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td height=\"30\" width=\"291\">Model theft<\/td>\n<td width=\"291\">&nbsp;<\/td>\n<td width=\"291\">AML.T0048.004 \u2013 External Harms: ML Intellectual Property Theft<\/td>\n<\/tr>\n<tr readability=\"4\">\n<td height=\"30\" width=\"291\">Package hallucination<\/td>\n<td width=\"291\">LLM09:2025 \u2013 Misinformation<\/td>\n<td width=\"291\">AML.T0062 \u2013 Discover LLM Hallucinations<\/td>\n<\/tr>\n<tr readability=\"4\">\n<td height=\"30\" width=\"291\">Sensitive data theft<\/td>\n<td width=\"291\">LLM02:2025 \u2013 Sensitive Information Disclosure<\/td>\n<td width=\"291\">AML.T0057 \u2013 LLM Data Leakage<\/td>\n<\/tr>\n<tr readability=\"6\">\n<td height=\"30\" width=\"291\">Insecure output generation<\/td>\n<td width=\"291\">LLM05:2025 \u2013 Improper Output Handling<\/td>\n<td width=\"291\">AML.T0050 \u2013 Command and Scripting Interpreter<\/td>\n<\/tr>\n<tr readability=\"2\">\n<td height=\"30\" width=\"291\">Toxicity<\/td>\n<td width=\"291\">&nbsp;<\/td>\n<td width=\"291\">AML.T0048 \u2013 External Harms<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"31.5\">\n<div readability=\"8\">\n<p><sup>Table 2. Attack objectives and their corresponding risk classifications under the OWASP and MITRE ATLAS indices<\/sup><\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"richText\" readability=\"38\">\n<div readability=\"21\">\n<h2><span class=\"body-subhead-title\">Stealing secrets<\/span><\/h2>\n<p>Sensitive information should never be included in system prompts. However, a lack of security awareness can lead to their unintentional exposure. In this example, the system prompt contains a secret, but a prompt hardening defense technique is used to instruct the model not to disclose it.<\/p>\n<p>As seen below, the final response from the LLM does not contain the secret. However, the secret is clearly disclosed within the &lt;think&gt; tags, even though the user prompt does not ask for it. &nbsp;To answer the question the model searches for context in all its available information in an attempt to interpret the user prompt successfully. Consequently, this results in the model using the API specification to craft the HTTP request required to answer the user&#8217;s question. This inadvertently results in the API key from the system prompt being included in its chain-of-thought.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"010787\" data-modal-title=\"Figure 5. A secret being exposed in DeepSeek-R1's CoT (click the image to enlarge)\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig5.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig5.png\" alt=\"Figure 5. A secret being exposed in DeepSeek-R1's CoT (click the image to enlarge)\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 5. A secret being exposed in DeepSeek-R1&#8217;s CoT (click the image to enlarge)<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"32.5\">\n<div readability=\"10\">\n<h2><span class=\"body-subhead-title\">Discovering attack methods using CoT<\/span><\/h2>\n<p>In this section, we demonstrate an example of how to exploit the exposed CoT through a discovery process. First, we attempted to directly ask the model to achieve our goal:<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"e20287\" data-modal-title=\"Figure 6. Directly asking the model for sensitive information\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig6.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig6.png\" alt=\"Figure 6. Directly asking the model for sensitive information\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 6. Directly asking the model for sensitive information<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"32\">\n<div readability=\"9\">\n<p>When the model denied our request, we then explored its guardrails by directly inquiring about them.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"fdd501\" data-modal-title=\" Figure 7. Asking the model about its guardrails\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig7.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig7.png\" alt=\" Figure 7. Asking the model about its guardrails\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption> Figure 7. Asking the model about its guardrails<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"31.5\">\n<div readability=\"8\">\n<p>The model appears to have been trained to reject impersonation requests. We can further inquire about its thought process regarding impersonation.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"b338d8\" data-modal-title=\"Figure 8. Finding a loophole in the model\u2019s reasoning\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig8.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig8.png\" alt=\"Figure 8. Finding a loophole in the model\u2019s reasoning\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 8. Finding a loophole in the model\u2019s reasoning<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"9d3226\" data-modal-title=\"Figure 9. The attack scenario (click the image to enlarge)\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig9.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig9.png\" alt=\"Figure 9. The attack scenario (click the image to enlarge)\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 9. The attack scenario (click the image to enlarge)<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"34.182879377432\">\n<div readability=\"14.649805447471\">\n<p>We used <a href=\"https:\/\/github.com\/NVIDIA\/garak\">NVIDIA Garak<\/a> to assess how different attack objectives perform against DeepSeek-R1. Our findings indicate a higher attack success rate in the categories of <b>insecure output generation<\/b> and <b>sensitive data theft<\/b> compared to <b>toxicity, jailbreak, model theft, and package hallucination<\/b>. We suspect this discrepancy may be influenced by the presence of &lt;think&gt; tags in the model&#8217;s responses. However, further research is needed to confirm this, and we plan to share our findings in the future.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <a class=\"bs-modal\" id=\"8ac759\" data-modal-title=\"Figure 10. Garak attack success rate broken down per attack objective\" href=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig10.png\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/25\/b\/exploiting-deepseek-r1\/Fig10.png\" alt=\"Figure 10. Garak attack success rate broken down per attack objective\"> <\/a> <\/p>\n<div class=\"caption-image-container \"><figcaption>Figure 10. Garak attack success rate broken down per attack objective<\/figcaption><\/div>\n<\/figure><\/div>\n<div class=\"richText\" readability=\"38\">\n<div readability=\"21\">\n<p>Our research indicates that the content within &lt;think&gt; tags in model responses can contain valuable information for attackers. Exposing the model\u2019s CoT increases the risk of threat actors discovering and refining prompt attacks to achieve malicious objectives. To mitigate this, we recommend filtering &lt;think&gt; tags from model responses in chatbot applications.<\/p>\n<p>Additionally, <b>red teaming<\/b> is a crucial risk mitigation strategy for LLM-based applications. In this article, we demonstrated an example of adversarial testing and highlighted how tools like NVIDIA\u2019s Garak can help reduce the attack surface of LLMs. We are excited to continue sharing our research as the threat landscape evolves. In the coming months, we plan to evaluate a wider range of models, techniques, and objectives to provide deeper insights.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<section class=\"tag--list\">\n<p>Tags<\/p>\n<\/section>\n<p> <\/main> <\/article>\n<\/div>\n<\/div><\/div>\n<\/div>\n<p> <!-- \/* Core functionality javascripts, absolute URL to leverage Akamai CDN *\/ --> <!--For Modal-start--> <\/p>\n<p> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk<\/span> <\/p>\n<p> <!--For Modal-end--> <\/body> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/25\/c\/exploiting-deepseek-r1.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This entry explores how the Chain of Thought reasoning in the DeepSeek-R1 AI model can be susceptible to prompt attacks, insecure output generation, and sensitive data theft. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9510,10938,11125,9511,9509],"class_list":["post-58241","post","type-post","status-publish","format-standard","hentry","category-trendmicro","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-artificial-intelligence-ai","tag-trend-micro-research-cyber-risk","tag-trend-micro-research-cyber-threats","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2025-03-04T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security\",\"datePublished\":\"2025-03-04T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/\"},\"wordCount\":1242,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/deepseek-cot-976:Large?qlt=80\",\"keywords\":[\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Artificial Intelligence (AI)\",\"Trend Micro Research : Cyber Risk\",\"Trend Micro Research : Cyber Threats\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/\",\"name\":\"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/deepseek-cot-976:Large?qlt=80\",\"datePublished\":\"2025-03-04T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/deepseek-cot-976:Large?qlt=80\",\"contentUrl\":\"https:\\\/\\\/trendmicro.scene7.com\\\/is\\\/image\\\/trendmicro\\\/deepseek-cot-976:Large?qlt=80\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/","og_locale":"en_US","og_type":"article","og_title":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2025-03-04T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security","datePublished":"2025-03-04T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/"},"wordCount":1242,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80","keywords":["Trend Micro Research : Articles, News, Reports","Trend Micro Research : Artificial Intelligence (AI)","Trend Micro Research : Cyber Risk","Trend Micro Research : Cyber Threats","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/","url":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/","name":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#primaryimage"},"thumbnailUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80","datePublished":"2025-03-04T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#primaryimage","url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80","contentUrl":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/deepseek-cot-976:Large?qlt=80"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/exploiting-deepseek-r1-breaking-down-chain-of-thought-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"Exploiting DeepSeek-R1: Breaking Down Chain of Thought Security"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58241","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=58241"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/58241\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=58241"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=58241"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=58241"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}