World

China warns Anthropic's Claude Code may contain security backdoor

China’s vulnerability database said Claude Code could leak location and identity data, turning a coding assistant into the latest flashpoint in the U.S.-China AI security fight.

Sarah Chen··1 min read
Published
Listen to this article0:00 min
China warns Anthropic's Claude Code may contain security backdoor
Photo illustration

China’s National Vulnerability Database warned that Anthropic’s Claude Code contains a security backdoor. The coding tool has a built-in monitoring mechanism that can send sensitive information, including geographic location and identity-related identifiers, to remote servers without user consent. The alert covered Claude Code versions 2.1.91 through 2.1.196, released between April 2 and June 29, and told users to uninstall affected builds or upgrade to the latest secure release. It also urged tighter controls on external network access for development tools and closer monitoring of core business traffic so sensitive data would not be transferred unknowingly.

Alibaba has already banned employees from using Claude Code at work, after the tool came under scrutiny for features that can help identify China-linked users. Anthropic bars access to Claude in China, and its September 4, 2025 policy update barred use by companies or organizations more than 50% owned, directly or indirectly, by firms headquartered in unsupported regions such as China.

Anthropic maintains the feature was an experimental anti-abuse mechanism. Claude Code is an agentic coding system that can read a codebase, make changes across files, run tests and deliver committed code, and most of Anthropic’s code is now written with Claude Code.

AI-generated illustration
AI-generated illustration

In February 2026, Anthropic found industrial-scale distillation campaigns by DeepSeek, Moonshot and MiniMax, involving more than 16 million exchanges through about 24,000 fraudulent accounts. In November 2025, the company disrupted what it called the first AI-orchestrated cyber espionage campaign, which it attributed with high confidence to a Chinese state-sponsored group and targeted roughly 30 global organizations, including tech companies, financial institutions, chemical manufacturers and government agencies.

This article was produced by Prism’s automated news system from verified source data, official records, and press releases, then run through automated quality and moderation checks before publishing. The system is built and supervised by the people who set the standards it runs under. Read our full AI policy.

Did this article answer your question?

Discussion

More in World