← AI Safety Orgs

DeepSeek

Frontier Lab

Chinese frontier. Efficiency innovations.

Founded
2023
HQ
Hangzhou, Zhejiang, China
Team
150
Structure
other
Model
Mixed

Theory of Change

DeepSeek's stated goal is artificial general intelligence (AGI), pursued through open research rather than commercialization. Founder Liang Wenfeng: "Our goal is AGI -- artificial general intelligence. Large language models are likely a necessary step toward AGI and already exhibit some of its characteristics, so we'll start there." He frames this as curiosity-driven research inseparable from a national project: "We believe that as the economy develops, China should gradually become a contributor rather than always free-riding. Over the past three decades of IT waves, we've hardly participated in real technological innovation."

The theory of change, such as it is: build frontier AI capabilities through algorithmic innovation, release everything as open-weight under MIT License, and thereby advance both AGI research and China's position as a technology innovator. Liang: "Open-sourcing and publishing papers don't mean we lose anything. For technical professionals, being followed is a deeply fulfilling experience. In fact, open source is more of a cultural act than a commercial one."

DeepSeek does not articulate any theory of change related to AI safety. The concept does not appear in any of Liang's interviews, DeepSeek's publications, or the company's public communications.

What They Do

DeepSeek has released 8+ major model families in ~2 years, each introducing genuine architectural innovations:

  • DeepSeek-V2 (May 2024): Multi-Head Latent Attention (MLA, reducing KV cache 93%) and DeepSeekMoE with shared experts. Triggered a Chinese AI price war.
  • DeepSeek-V3 (Dec 2024): 671B parameters, FP8 training, multi-token prediction. Claimed $5.6M training cost (GPU hours only; total infrastructure estimated at $1.6B by SemiAnalysis).
  • DeepSeek-R1 (Jan 2025): Reasoning model comparable to OpenAI o1. R1-Zero demonstrated emergent reasoning from pure RL. Became #1 free app in US App Store; caused $600B Nvidia crash and $1T+ tech selloff.
  • DeepSeek V3.1 (Aug 2025): Hybrid thinking/non-thinking modes. 40%+ improvement on SWE-bench over predecessors.
  • DeepSeek V3.2 (Dec 2025): Comparable to GPT-5. Sparse attention innovation.
  • V4 (expected Mar 2026): Reportedly trained on Nvidia Blackwell chips. Being optimized for Huawei's Ascend chips first, with US chipmakers excluded from early access.

All models released under MIT License. The technical innovations are genuine -- PTX-level GPU optimization (below CUDA, extremely rare), custom distributed training infrastructure, novel attention mechanisms. Stanford's Christopher Manning: "It's a sad state of affairs for what has long been an open country advancing open science and engineering that the best way to learn about the details of modern LLM design and engineering is currently to read the thorough technical reports of Chinese companies."

The company has 96M+ monthly active users. Downloads on Hugging Face increased nearly 1,000% since January 2025.

Key People

Liang Wenfeng (born 1985) -- Founder and CEO of both DeepSeek and High-Flyer hedge fund. BEng/MEng Zhejiang University. Quant trader since the 2008 financial crisis. Declined a co-founder offer from DJI's Frank Wang. Wrote the Chinese preface for the book on Jim Simons. Named to Time 100 AI. Net worth ~$4.6B (Hurun). Holds 84% of DeepSeek through two shell corporations. Met Xi Jinping at a tech summit in February 2025. Liang is DeepSeek -- there is no visible second-in-command, no independent board, no named CTO.

Team: ~150 employees, flat organization, no KPIs, no assigned roles. Hiring philosophy is "passion and curiosity over experience" -- mostly fresh graduates from Chinese universities. Salaries reportedly exceed $1.3M for promising candidates. Hoover Institution analysis: 98% of researchers have Chinese institutional ties, only 24% had US connections (mostly brief). The V2 model was built "entirely by local talent -- no one returned from overseas."

Notable absences: No safety lead, no safety team, no safety researchers with public profiles. Zero employee perspectives found in the evidence base -- no interviews, no departures, no public statements from anyone other than Liang.

Money and Incentives

Funding: Entirely from High-Flyer hedge fund. No VC, no grants, no external investors. High-Flyer AUM peaked at ~$14B (2021), currently ~$10B. Liang: "Money has never been the problem for us; bans on shipments of advanced chips are the problem." This is an extraordinary funding model -- DeepSeek operates without accountability to investors, regulators, or the public. Early infrastructure investment: $180M spent on data centers and 10,000+ A100 GPUs by mid-2022, before US export controls. Fire-Flyer 1 (2019, 1,100 GPUs, 200M yuan) and Fire-Flyer 2 (2021, 1B yuan budget) established custom training capabilities that preceded DeepSeek's formal founding.

True costs: The $5.6M training cost claim covers only the final successful V3 pretraining run. SemiAnalysis estimates:

  • Total server capex: ~$1.6B
  • Operating costs: ~$944M
  • GPU inventory: ~50,000 Hopper GPUs including ~10K H800, ~10K H100 (illegal under US export controls), ~30K H20, ~10K A100
  • Infrastructure built pre-ban: by mid-2022, $180M spent on data centers with 10,000+ A100 GPUs

Revenue model: None. Liang: "If you're looking for a purely commercial rationale, you might not find one because it's not cost-effective." API pricing reportedly at or below cost. The company may be considering outside investment for the first time (mid-2025 reports).

Incentive structure: DeepSeek's incentives are uniquely aligned with Liang's personal vision and uniquely misaligned with safety. There is no investor demanding responsible deployment. There is no regulatory body with effective oversight. There is no board to push back on risky releases. There is no revenue model that could be threatened by safety incidents. There is no competitor in the Chinese market with higher safety standards that could create competitive pressure for safety. The only external pressure on DeepSeek's content comes from CCP censorship requirements, which have nothing to do with AI safety and actively degrade model safety (CrowdStrike: models generate 50% more insecure code when prompts mention Tibet or Uyghurs).

Export control exposure: Reuters reported DeepSeek has H100s procured after the US ban. V4 reportedly trained on Nvidia Blackwell (most restricted class). If confirmed, DeepSeek directly benefited from export control evasion.

What Others Say

Safety assessments (unanimous -- all catastrophic):

  • Cisco/UPenn: 100% jailbreak success rate on HarmBench. "Not a single harmful prompt blocked."
  • NIST CAISI: 94% jailbreak success rate. 12x more susceptible to agent hijacking than US models. Echoes 4x as many CCP narratives.
  • Enkrypt AI: 11x more likely to generate harmful content than o1. 83% bias attack success. 78% insecure code generation success.
  • AI Lab Watch: 1% overall score (lowest of all labs). FLI AI Safety Index: D grade.
  • Qualys: 58% jailbreak failure rate in their testing; 18 distinct attack types.
  • Holistic AI: once jailbroken, R1 continues answering all subsequent questions without restriction -- no safety reset.

Military adoption: Jamestown Foundation analysis of PLA procurement documents shows DeepSeek adoption for "intelligentized warfare" across the C4ISR chain -- drone swarms, electronic warfare, surveillance integration. NUDT benchmarks claim DeepSeek reduces energy consumption ~40% vs GPT-4 while maintaining accuracy. Shenyang Aircraft Design Institute (J-15, J-35 fighter jets) confirms using DeepSeek. Public security systems embedding DeepSeek for real-time facial recognition, crowd behavior analysis, and "proactive risk identification."

Distillation/IP theft: OpenAI (Jan 2025): "We are aware of and reviewing indications that DeepSeek may have inappropriately distilled our models." Early DeepSeek models answered "I'm ChatGPT" when asked their identity. Anthropic (Feb 2026): accused DeepSeek of using 24K fake accounts to harvest Claude training data. CSIS frames this strategically: the real question is not fairness but whether US firms have any mechanism to prevent this. The answer appears to be no.

Privacy/security: Feroot Security discovered hidden code in DeepSeek's web login page connecting to China Mobile (state-owned telecom banned in US, Pentagon-linked). Independently verified by University of Calgary and UC Berkeley. Wiz Research found an exposed ClickHouse database with 1M+ chat records, API keys, plaintext data -- "completely open and unauthenticated."

Foreign policy bias: CSIS benchmark testing found DeepSeek-V3 recommends "more hawkish, escalatory" responses in crisis scenarios, "particularly acute in scenarios involving free, Western countries." This bias is statistically significant vs GPT-4o and Claude.

Strongest defense: Eric Hartford ("The Demonization of DeepSeek"): argues the model weights are "just safetensor data" that "don't phone home, don't spy, don't exfiltrate data." The real safety issues are in deployment infrastructure, not the weights. The NIST report is "a political hit piece disguised as science." Several Stanford HAI faculty also praise the open-source contribution to research.

Most balanced: CSIS (Gregory Allen) argues export controls didn't fail -- they were poorly implemented initially. DeepSeek's efficiency gains are part of a preexisting trend (4x algorithmic improvement per year), not evidence that compute doesn't matter. The biggest impacts of export controls are forward-looking. Liang himself acknowledges the chip embargo is his biggest challenge.

What's Absent

  • No safety infrastructure at all. No RSP, no FMSP, no safety team, no safety commitments, no model cards, no red-team reports, no safety publications, no engagement with the AI safety community. Among frontier labs, this is unique.
  • No governance. One-man control (Liang, 84% through shells), no independent board, no ethics review, no whistleblower policy, no external advisory body. The governance structure would be inadequate for a startup; for a frontier lab with military applications and 96M users, it is alarming.
  • No deployment restraint. Zero examples of any model or capability being withheld or delayed for safety reasons. Every model appears to have been released without safety-motivated constraints.
  • No response to criticisms. DeepSeek has never publicly addressed the 100% jailbreak rate, the database exposure, the China Mobile connection, the military procurement, or any other safety finding.
  • No financial transparency. All financial data comes from estimates by outside analysts. No public financial statements for either DeepSeek or High-Flyer.
  • No employee voices. Zero direct employee perspectives in the entire evidence base. No departures, no public statements from anyone but Liang.

Recommended Reading

  1. Liang Wenfeng interview (36Kr/Waves, Jul 2024, translated Jan 2025) -- The most candid, unfiltered look at how DeepSeek thinks. Liang speaks freely about AGI, China's innovation gap, why open-source is "cultural not commercial," and why he prefers hiring curious newcomers over experienced researchers. https://jiexu.substack.com/p/interview-deepseek-founder-liang-wenfeng-a-journey-by-curiosity

  2. CSIS: "DeepSeek, Huawei, Export Controls, and the Future of the U.S.-China AI Race" (Jul 2025) -- The most rigorous analytical treatment. Debunks the $5.6M myth, explains High-Flyer's hedge fund heritage, covers chip smuggling and Huawei alternatives, makes the strongest case for why export controls still matter. Contains previously private information about SMIC yields and Huawei chip production. https://www.csis.org/analysis/deepseek-huawei-export-controls-and-future-us-china-ai-race

  3. Cisco Security Assessment (Jan 2025) -- Two pages that say everything about DeepSeek's safety posture: 100% jailbreak success rate, zero harmful prompts blocked. https://blogs.cisco.com/security/evaluating-security-risk-in-deepseek-and-other-frontier-reasoning-models

  4. Eric Hartford: "The Demonization of DeepSeek" -- The strongest counterargument. Argues the weights are inert data, the real issues are deployment infrastructure, and the NIST report is politically motivated. Even if you disagree, this steelmans the pro-DeepSeek case. https://erichartford.com/the-demonization-of-deepseek

  5. Jamestown Foundation: PLA adoption of DeepSeek (Oct 2025) -- Detailed analysis of military procurement documents showing how open-weight models flow into authoritarian military and surveillance applications with no mechanism for prevention. https://jamestown.org/deepseek-use-in-prc-military-and-public-security-systems/

Show Claude’s analysis
An opinionated read. Read the brief first to form your own view.

Stated Theory of Change

DeepSeek does not articulate a theory of change for AI safety because it does not engage with AI safety as a concept. Its stated theory of change is about AGI and national innovation:

  1. Build frontier AI capabilities through algorithmic innovation rather than brute-force compute scaling
  2. Release everything as open-weight under MIT License to build a technology ecosystem
  3. Advance China from technology imitator to technology innovator
  4. Pursue AGI through three paths: math/code as formal testbeds, multimodal learning, natural language

Liang Wenfeng is explicit that commercial returns are not the goal: "If you're looking for a purely commercial rationale, you might not find one." The theory is that open, curiosity-driven research, funded by a hedge fund fortune and unconstrained by investor demands, can match or exceed the output of labs spending tens of billions.

This theory has been validated on the capability dimension. DeepSeek's technical innovations are genuine, its models are frontier-competitive, and it has done this with ~150 people and substantially less compute than US labs.

Revealed Theory of Change

DeepSeek's actions reveal a more complex picture than the pure-research narrative suggests:

What matches stated theory: Open-weight releases under MIT License (consistent through 8+ major models). Research-first hiring (curiosity over experience). Genuine architectural innovations (MLA, MoE improvements, PTX-level optimization). No immediate commercialization push.

What diverges:

  • The "curiosity-driven research" framing elides the military and surveillance applications that flow directly from open-weight release. DeepSeek's models are being adopted by the PLA for "intelligentized warfare" and by public security for mass surveillance. Open-weight release is not neutral -- it is a delivery mechanism for these applications.
  • The national innovation narrative aligns perfectly with CCP industrial policy. Liang met Xi Jinping in February 2025. DeepSeek is being pressured to adopt Huawei chips. R1-0528 tightened CCP censorship compared to R1. The "independent researcher" identity is increasingly entangled with state interests.
  • The complete absence of safety work reveals a revealed preference: capabilities matter, safety does not. When Cisco found a 100% jailbreak rate, DeepSeek did not respond. When Wiz found an exposed database, DeepSeek fixed it but said nothing publicly. When NIST found 94% jailbreak success on the improved model, silence. This is not a lab that cares about safety and hasn't gotten to it yet -- it is a lab that has never considered safety a priority.
  • The pivot toward Huawei (V4 optimized for Ascend, US chipmakers excluded from early access) suggests increasing alignment with Chinese state strategy rather than independent research.

The revealed theory of change is: build the most capable open-weight models possible, release them freely, absorb any technical innovations into the Chinese AI ecosystem, and let the CCP handle content control through censorship filters while ignoring all other safety considerations.

Key Assumptions

Assumption 1: Open-weight release is net positive for the world.

  • Evidence for: Democratizes AI access. Enables academic research. Reduces monopoly power of US labs. Stanford HAI faculty strongly endorse. The technical papers advance the field.
  • Evidence against: 100% jailbreak success rate means anyone can use frontier capabilities for harm. PLA procurement shows military adoption with no mechanism for prevention. Open-weight biosecurity concerns are growing (see "The Open-Weight Problem" forum post). Holistic AI: once jailbroken, R1 stays jailbroken for the entire conversation.
  • Testable? Partially. Could track downstream harms attributable to open-weight DeepSeek models. But attribution is difficult.
  • If wrong: DeepSeek is enabling a massive expansion of accessible harmful AI capabilities with no off switch.

Assumption 2: Safety is someone else's problem.

  • Evidence for: Eric Hartford's argument that weights are inert data and safety is a deployment concern. The same argument Meta makes for Llama.
  • Evidence against: DeepSeek also runs a consumer-facing chatbot with 96M users -- it is both a weights provider and a deployer. The China Mobile connection shows its deployment is unsafe. The CBRN vulnerability means capable models + open weights + no safety = biosecurity risk.
  • Testable? Yes -- track incidents.
  • If wrong: DeepSeek bears responsibility for every harmful use of its models that its safety failures enabled.

Assumption 3: CCP censorship is sufficient content control.

  • Evidence for: The censorship does prevent discussion of sensitive Chinese political topics in the default configuration.
  • Evidence against: Censorship is trivially jailbroken (Promptfoo). Censorship degrades safety in other domains (CrowdStrike: 50% more insecure code with politically sensitive prompts). Censorship is not safety -- it serves CCP interests, not user or global interests.
  • If wrong: CCP censorship actively harms safety rather than providing it.

Assumption 4: China's chip constraints won't stop DeepSeek.

  • Evidence for: DeepSeek has already demonstrated frontier capabilities with constrained hardware. Algorithmic innovation can compensate for compute gaps. SMIC/Huawei chip production is ramping up.
  • Evidence against: Liang acknowledges the chip embargo is his biggest challenge. CSIS argues the most significant impacts of export controls are forward-looking. The difference between 50K GPUs and 200K+ GPUs matters for next-generation scaling.
  • If wrong: DeepSeek falls behind US labs within 1-2 years as scaling continues.

Strengths

  1. Genuine technical innovation. MLA, GRPO, PTX-level optimization, FP8 training -- these are real contributions to the field, not just parameter scaling or distillation. The technical papers are thorough and reproducible.

  2. Extraordinary efficiency. Doing frontier work with ~150 people and constrained compute is genuinely impressive. The flat organization with bottom-up idea generation appears to produce results. CSIS: "The only surprise is that the research lab that discovered some of the relevant technical innovations is a Chinese one."

  3. Financial independence. No VC pressure, no quarterly earnings, no need to generate revenue. This allows genuinely long-term research focus. Liang can pursue whatever he finds interesting without commercial constraints.

  4. Open publication. Publishing detailed technical papers and releasing weights under MIT License is a genuine contribution to the global research community. Stanford HAI, SemiAnalysis, and many researchers acknowledge this.

  5. Talent development. Building frontier capabilities with entirely domestically-trained researchers disproves the assumption that Chinese AI progress depends on US-trained talent.

Weaknesses and Risks

  1. Total safety vacuum. Not merely inadequate safety measures -- a complete absence. No safety team, no RSP, no safety commitments, no red-team reports, no engagement with safety community. 100% jailbreak rate. 1% AI Lab Watch score. This is not a gap to be filled -- it reflects a fundamental orientation that treats safety as irrelevant. This is the single most important finding.

  2. Military and surveillance adoption. PLA procurement documents show DeepSeek adoption for drone swarms, electronic warfare, surveillance, and "intelligentized warfare." Public security systems use it for facial recognition and crowd behavior analysis. The open-weight model makes this unstoppable -- DeepSeek cannot prevent it even if it wanted to. But there is no evidence it wants to.

  3. Authoritarian governance alignment. CCP censorship is deepening over time (R1-0528 more censored than R1). DeepSeek is being pressured to adopt Huawei chips. Liang met Xi Jinping. The "independent researcher" identity is eroding as the company becomes politically important to China.

  4. Single point of failure. The entire operation depends on one man (Liang Wenfeng), one hedge fund (High-Flyer), and the continued health of that fund. There is no governance structure, no succession plan, no diversified funding. If High-Flyer has a bad year, or if Liang's interests change, DeepSeek could collapse.

  5. Data sovereignty and privacy. Hidden code linking to China Mobile. Data stored on Chinese servers. Subject to National Intelligence Law requiring cooperation with intelligence services. Users (96M+) are exposed to these risks often without awareness.

  6. IP acquisition practices. OpenAI distillation allegations, Anthropic fake account allegations, potential export control violations (H100/Blackwell access). If true, these undermine the "independent innovator" narrative and suggest capability gains are partly derived from unauthorized access to competitors' work.

  7. Proliferation risk. Open-weight release of frontier models with zero safety guardrails creates an irreversible proliferation of dangerous capabilities. Once weights are published, they cannot be recalled. Every future model release increases the accessible capability floor for malicious actors.

Cross-References

  • vs. Anthropic: Polar opposite on every safety dimension. Anthropic has RSP, red-teaming, safety team, governance. DeepSeek has none. But both produce frontier models. DeepSeek's existence is the nightmare scenario that Anthropic's theory of change is designed to prevent -- a capable lab with zero safety culture.
  • vs. Meta (Llama): Similar open-weight philosophy but Meta has safety teams, red-team reports, and (some) deployment restrictions. DeepSeek is Meta's approach without any of the guardrails.
  • vs. OpenAI: The distillation relationship is ironic -- DeepSeek may have used OpenAI's outputs to bootstrap, then surpassed OpenAI in some benchmarks. OpenAI's closed-source strategy failed to prevent this.
  • vs. Chinese AI ecosystem: DeepSeek triggered a price war that forced ByteDance, Alibaba, Baidu, and Tencent to cut prices below cost. It is the disruptive outlier, not the mainstream Chinese approach.
  • Coefficient Giving/funders: DeepSeek receives no Western safety funding. It exists entirely outside the AI safety funding ecosystem. There is no lever for the safety community to influence it.

What Would Change This Assessment

  • DeepSeek hires a safety team and publishes safety evaluations. This would indicate a genuine shift in priorities. Currently probability: very low.
  • DeepSeek declines to release a model due to safety concerns. Even one such decision would be significant. Currently probability: approximately zero.
  • Chinese government imposes meaningful safety requirements. China has AI regulations, but they focus on content control (censorship) rather than capability safety. A shift toward capability-focused safety would be important.
  • High-Flyer suffers major financial losses. This would threaten DeepSeek's funding model and could force either shutdown or external investment with new governance.
  • Liang Wenfeng makes substantive public statements about AI safety. Currently he speaks only about AGI, innovation, and China's role. Any genuine engagement with safety concerns would be new.
  • A major incident traceable to DeepSeek models occurs. A biosecurity incident, a military escalation, or a large-scale misuse event attributable to DeepSeek's open-weight models would force a reckoning.

Self-Critique

Weakest claim: My assessment that DeepSeek's safety failures reflect deliberate indifference rather than Chinese cultural/regulatory differences. It is possible that safety work is happening internally but is not publicly visible due to different norms around public communication in China. However, the 100% jailbreak rate and exposed database suggest the absence is real, not just invisible.

Potential bias: This analysis was conducted using exclusively English-language sources about a Chinese company. Chinese-language primary sources, internal communications, and the Chinese regulatory context may paint a different picture. The absence of the Paul Triolo critique (paywalled) and the Exiger report (blocked) creates potential gaps in the military ties assessment.

What a thoughtful disagreer would say: "You're applying Western AI safety norms to a Chinese company operating in a completely different political and cultural context. DeepSeek's contribution to open science outweighs its safety failures, which are no worse than what existed at US labs 3-4 years ago. The military adoption is a consequence of open-weight release, not DeepSeek's intention. And the CCP censorship concerns apply equally to the biases embedded in US models."

Single weakest claim: That DeepSeek's approach to safety will remain unchanged. If external pressure (Chinese regulation, international incidents, competitive pressure from safer Chinese alternatives) grows, DeepSeek could change. The analysis treats the current trajectory as fixed, which may overstate the risk.

What information would most change my view: Direct interviews with DeepSeek employees about internal safety discussions, or evidence of unpublished internal safety evaluations. Also, the full Exiger report on military ties, and Paul Triolo's critique of it.

Connected to (6)

Anthropiccollaborator
Huaweicompute provider
China Mobilecollaborator
OpenAIcollaborator
Nvidiacompute provider
High-Flyer Capital Managementspun off from · Liang Wenfeng
Sources (71)
Every URL that was read during research.
  1. 1.DeepSeek - Wikipediaen.wikipedia.org
  2. 2.Liang Wenfeng - Wikipediaen.wikipedia.org
  3. 3.High-Flyer - Wikipediaen.wikipedia.org
  4. 4.Evaluating Security Risk in DeepSeek and Other Frontier Reasoning Modelsblogs.cisco.com
  5. 5.CAISI Evaluation of DeepSeek AI Models Finds Shortcomings and Risksnist.gov
  6. 6.White Paper: DeepSeek's Deception: How the Chinese Military and Government Funded DeepSeek's AI Researchexiger.com
  7. 7.Delving into the Dangers of DeepSeekcsis.org
  8. 8.Meet the hedge fund manager who founded DeepSeek, the Chinese AI startup that began as a hobby and is now laying waste to U.S. stocks | Fortunefortune.com
  9. 9.Deepseek: From Hedge Fund to Frontier Model Makerchinatalk.media
  10. 10.How Disruptive Is DeepSeek? Stanford HAI Faculty Discuss China’s New Modelhai.stanford.edu
  11. 11.Hawkish AI? Uncovering DeepSeek’s Foreign Policy Biasescsis.org
  12. 12.Interview with Deepseek Founder: We're Done Following. It's Time to Lead.thechinaacademy.org
  13. 13.Full Interview with DeepSeek Founder Liang Wenfeng: A Journey Driven by Curiosity and Idealismjiexu.substack.com
  14. 14.A Technical Tour of the DeepSeek Models from V3 to V3.2magazine.sebastianraschka.com
  15. 15.1,156 Questions Censored by DeepSeek | Promptfoopromptfoo.dev
  16. 16.Taking Stock of the DeepSeek Shockcyber.fsi.stanford.edu
  17. 17.What is DeepSeek, the Chinese AI startup that shook the tech world? | CNN Businesscnn.com
  18. 18.Deepseek Unmasked: Exposing the CCP's Latest Tool For Spying, Stealing, and Subverting U.S. Export Control Restrictionschinaselectcommittee.house.gov
  19. 19.House investigation into DeepSeek teases out funding, security realities around Chinese AI toolcyberscoop.com
  20. 20.Nvidia drops nearly 17% as China's cheaper AI model DeepSeek sparks global tech sell-offcnbc.com
  21. 21.Chinese AI firm DeepSeek reportedly using shell companies to try and evade U.S. chip restrictions — allegedly procured unknown number of H100 AI GPUs after ban, but Nvidia denies the claimtomshardware.com
  22. 22.DeepSeek: A Deep Divecsis.org
  23. 23.DeepSeek, Huawei, Export Controls, and the Future of the U.S.-China AI Racecsis.org
  24. 24.Culture matters at DeepSeekleapfrogs.substack.com
  25. 25.DeepSeek's Secret to Successchinatalk.media
  26. 26.DeepSeek part 1: How new labor practices propelled an unknown AI firm to the topvalueadded.tech
  27. 27.It's 'kind of jarring': AI labs like Meta, Deepseek, and Xai earned some of the worst grades possible on an existential safety index | Fortunefortune.com
  28. 28.[In-depth] Behind DeepSeek's Success: A Profile of China's Most Technical AI Companyxyzlabs.substack.com
  29. 29.DeepSeekdeepseek.com
  30. 30.A Deep Peek Into DeepSeek AI’s Talent And Implications For US Innovationhoover.org
  31. 31.DeepSeek Use in PRC Military and Public Security Systems - Jamestownjamestown.org
  32. 32.OpenAI says DeepSeek ‘inappropriately’ copied ChatGPT – but it’s facing copyright claims tootheconversation.com
  33. 33.The Innovation Dilemma: AI Distillation in OpenAI v. DeepSeeksites.law.berkeley.edu
  34. 34.Wiz Research Uncovers Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History | Wiz Blogwiz.io
  35. 35.DeepSeekailabwatch.org
  36. 36.The Complete Guide to DeepSeek Models: V3, R1, V3.1, V3.2 and Beyondbentoml.com
  37. 37.How DeepSeek built an unconventional talent org that pioneered its R1 modelparaform.com
  38. 38.AIStackDecrypted | Paul Triolo | Substackpstaidecrypted.substack.com
  39. 39.DeepSeek's AI claims have shaken the world — but not everyone's convincedcnbc.com
  40. 40.DeepSeek Debates: Chinese Leadership On Cost, True Training Cost, Closed Model Margin Impactsnewsletter.semianalysis.com
  41. 41.DeepSeek and the China data question: Direct collection, open source, and the limits of extraterritorial enforcement | IAPPiapp.org
  42. 42.What you (don't) see is what you getblogs.lse.ac.uk
  43. 43.US House Select Committee Report Accuses DeepSeek of Spying and Circumventing Export Controls on Chipstechpolicy.press
  44. 44.Which countries have banned DeepSeek and why?aljazeera.com
  45. 45.What are the Security Risks of Deploying DeepSeek-R1? | Promptfoopromptfoo.dev
  46. 46.DeepSeek | Rise, Technologies, Impact, & Global Response | Britannica Moneybritannica.com
  47. 47.DeepSeek Security, Privacy, and Governance: Hidden Risks in Open-Source AI - Theori BLOGtheori.io
  48. 48.China’s AI Policy at the Crossroads: Balancing Development and Control in the DeepSeek Eracarnegieendowment.org
  49. 49.Opinion | Can DeepSeek’s Liang Wenfeng stay true to his AI ideals?scmp.com
  50. 50.The DeepSeek Series: A Technical Overviewmartinfowler.com
  51. 51.DeepSeek-R1 Red Teaming Report: Alarming Security and Ethical Risks Uncoveredunite.ai
  52. 52.DeepSeek AI conducts undisclosed risk evaluation amid heightened Chinese regulatory scrutinydigitimes.com
  53. 53.DeepSeek-R1 Release | DeepSeek API Docsapi-docs.deepseek.com
  54. 54.🚀 Introducing DeepSeek-V3 | DeepSeek API Docsapi-docs.deepseek.com
  55. 55.Who Is Liang Wenfeng, the Founder of AI Disruptor DeepSeek?entrepreneur.com
  56. 56.DeepSeek Jailbreak Vulnerability Analysis | Qualysblog.qualys.com
  57. 57.Researchers link DeepSeek's chatbot to Chinese Mobile, telecom banned from operating in U.S.pbs.org
  58. 58.DeepSeek R1 Red Teaming & Jailbreaking Auditholisticai.com
  59. 59.DeepSeek explained: Everything you need to knowtechtarget.com
  60. 60.DeepSeek: A Problem or an Opportunity for Europe?csis.org
  61. 61.Can open-weight models ever be safe? - Centre for Future Generationscfg.eu
  62. 62.A Dual Disruption and the Constant of Surprises: Trump 2.0 and DeepSeekcsis.org
  63. 63.DeepSeek-V3.2 Release | DeepSeek API Docsapi-docs.deepseek.com
  64. 64.Will DeepSeek’s new model spark another global AI shake-up in 2026?restofworld.org
  65. 65.DeepSeek might not be as disruptive as claimed, firm reportedly has 50,000 Nvidia GPUs and spent $1.6 billion on buildoutstomshardware.com
  66. 66.DeepSeek opens 2026 with paper signalling race to train bigger models for lessscmp.com
  67. 67.DeepSeek AI Model Strategy Shifts as US Chipmakers Nvidia and AMD Are Left Out of Latest Releaseinfluencermagazine.uk
  68. 68.DeepSeek Poised to Unveil Latest AI Model | PYMNTS.compymnts.com
  69. 69.Chinese DeepSeek-R1 AI Generates Insecure Code When Prompts Mention Tibet or Uyghursthehackernews.com
  70. 70.DeepSeek v3 and R1 Model Architecture: Why it's powerful and economicalfireworks.ai
  71. 71.Inside DeepSeek’s End-of-Year AI Breakthrough: What the New Models Deliverc3.unu.edu