ARTICLE AD BOX
A cybersecurity platform operated by China's industry ministry warned on Wednesday that it had identified a serious security "backdoor" risk in Anthropic's AI coding tool, Claude Code. US-based Claude Code is an AI agent capable of generating, debugging and reviewing code based on user prompts. China’s National Vulnerability Database (NVDB), in a statement posted on its WeChat account, said Claude Code contained a built-in monitoring mechanism capable of transmitting sensitive information, including users' geographic location and identity-related identifiers, to remote servers without users' consent. The warning applied to Claude Code versions 2.1.91 through 2.1.196, according to the state-operated cybersecurity platform. Read: A new, inexpensive Chinese AI model is catching up with Anthropic, OpenAI on their home turf NVDB advised that organisations and users in the country should immediately review affected systems and either uninstall the impacted versions or upgrade to the latest secure release in which the alleged backdoor code has been removed. It also urged organisations to tighten controls on external network access for development tools and strengthen traffic monitoring on core business networks to prevent the unauthorised transfer of sensitive data. China's Alibaba had banned employees from using Claude Code at work after the tool drew scrutiny for features enabling it to identify China-linked users, Reuters reported last week. Anthropic did not reply to a Reuters request for comment. Also Read: Alibaba.com sees CPEC 2.0 boosting trade
.png)
13 hours ago
1






English (US) ·