A year after the launch of the Chinese AI model DeepSeek, it’s still one of the most dangerous AI tools hiding in enterprise workflows, according to researchers. And its popularity with coders is driving the problem.
According to research by Harmonic, DeepSeek represents only 25% of China-based AI usage at work in UK and US organizations, but it’s linked to 55% of sensitive data exposure.
Yet the most-used China-based chatbot isn’t DeepSeek at all, it’s Moonshot’s AI Kimi.
According to Harmonic Security, almost 8% of employees in the average enterprise used at least one China-based generative AI tool in the past 30 days – that’s nearly one in 12 workers.
The findings come from Harmonic’s AI Usage Index dataset, which analyzed over 22 million anonymous enterprise Gen AI prompts from January 1st to December 31st, 2025, tracking the tools employees use and identifying when sensitive information is shared through prompts.
The biggest surprise was which app leads overall usage. Harmonic found that Moonshot AI’s chatbot, Kimi, recorded roughly 700,000 interactions, far ahead of Deepseek's 200,000.
The next most-used tools included Youdao (150,000) and Tencent Hunyuan (100,000), while others, such as Baidu Chat, ERNIE Bot, and Qwen Chat, trailed further behind.
Researchers said they are not certain why Kimi is so dominant, but suggested it may be particularly strong at handling long context, supporting large text uploads, and Chinese-language workflows.
Kimi’s rising popularity comes as Moonshot AI attracts fresh investor attention. CNBC reported that the Alibaba-backed startup’s valuation climbed to $4.8 billion, up $500 million in just weeks, amid strong market momentum for China’s so-called “AI Tiger” firms.
But when it comes to keeping CISOs awake at night, DeepSeek remains the bigger problem.
Harmonic found that although DeepSeek accounts for only 25% of China-based usage, it represents 55% of sensitive data exposure, driven largely by its popularity among coders.
Across Chinese tools, exposed data types were dominated by source code, followed by financial projections, legal discourse, M&A data, and even personally identifiable information (PII).
DeepSeek’s risk profile has also been amplified by a wave of security concerns, including reported database exposures, weak cryptography findings, and increased regulatory action by governments worldwide.
However, Harmonic argues that enterprises should focus less on blanket blocking.
“Blocking everything Chinese rarely works,” Harmonic said in its blog.
“When organizations implement restrictive policies, employees find workarounds: personal devices, personal networks, tomorrow’s new tool. With 665 AI applications in our dataset, new tools emerging consistently, comprehensive block lists are operationally impossible.
“Asia Pacific teams lose regional workflows, developers lose open-source learning. Translation use cases (18% of all AI traffic) get pushed into higher-risk tools.
“Overblocking doesn't reduce AI usage, it reduces visibility.”
Instead, the company calls for enterprises to place greater focus on visibility and guardrails – including detecting sensitive data in real time, restricting credential and code uploads, and providing approved AI alternatives that employees will actually use.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked