According to Nagli on X (twitter.com/galnagli), newly deployed AI services are increasingly introducing critical security bugs by exposing internal infrastructure to the public internet without authentication, citing a case where DeepSeek allegedly left its internal ClickHouse database publicly accessible, leaking sensitive data (as reported by Nagli on X). According to the same thread, these issues arise from AI-led automation and rapid shipping patterns rather than legacy code, underscoring urgent needs for default-deny networking, managed secrets, and database auth hardening in AI data pipelines. As reported by Nagli, the business impact for AI companies includes potential data leakage of prompts, logs, and model metrics, compliance violations, and reputational damage—highlighting immediate opportunities for vendors offering posture management for LLM stacks, agent runtime firewalls, and zero-trust controls around analytics stores.