China Finds Security Vulnerabilities in Anthropic’s Claude Code
Poulami Saha
Security Alert Issued: China's cybersecurity authorities warned that certain Claude Code versions contain alleged "backdoor" vulnerabilities capable of transmitting sensitive user information to remote servers.
Data Privacy Concerns: The reported vulnerabilities could expose user identity, device information, and location data without explicit consent, raising serious privacy and enterprise security concerns.
Official Advisory Released: China's National Vulnerability Database advised organizations to uninstall affected versions or immediately update the software to reduce potential cybersecurity risks.
Anthropic's Response: Anthropic said the feature was an experimental anti-abuse mechanism designed to prevent unauthorized usage and model misuse, not a malicious backdoor.
Alibaba Takes Action: Alibaba reportedly classified Claude Code as high-risk software and instructed employees to stop using the coding assistant over security concerns.
AI Rivalry Intensifies: The dispute reflects broader geopolitical competition between the United States and China, where AI security increasingly overlaps with national technology policy.
Developers Remain Interested: Despite restrictions, Claude Code continues attracting Chinese developers who access the platform through overseas services and alternative connectivity methods.
Enterprise Security Impact: The incident highlights growing demand for transparent AI software, stronger security auditing, and verifiable safeguards before enterprise deployment of coding assistants.
Global AI Governance: The controversy underscores how AI tools now face increasing regulatory scrutiny, with governments treating advanced coding assistants as strategic cybersecurity technologies.