International Circuit
China flags security risks in Anthropic’s Claude code
A cybersecurity platform operated by China’s industry ministry warned on Wednesday that it had identified a serious security “backdoor” risk in Anthropic’s AI coding tool, Claude Code.
In a statement posted on its WeChat account, the National Vulnerability Database (NVDB) said Claude Code contains a built-in monitoring mechanism capable of transmitting sensitive information, including users’ geographic location and identity-related identifiers, to remote servers without users’ consent.
The warning applies to Claude Code versions 2.1.91 through 2.1.196.
NVDB advised that organizations and users should immediately review affected systems and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed.
It also urged organizations to tighten controls on external network access for development tools and strengthen traffic monitoring on core business networks to prevent the unauthorized transfer of sensitive data.
China’s Alibaba has banned employees from using Claude Code at work after the tool drew scrutiny for features that can help identify China-linked users, Reuters reported last week. Reuters










You must be logged in to post a comment Login