Published 2 days ago • loading... • Updated 10 hours ago
China warns of "security backdoor" in Anthropic AI coding tool
The advisory says affected versions can send location and identity data to remote servers, and Alibaba has banned the tool for work.
On Wednesday, China warned of 'security backdoor' risks in US-based Anthropic's Claude Code tool, with the National Vulnerability Database cautioning that the AI coding agent poses a severe threat to organizations and users.
Affected versions 2.1.91 to 2.1.196 can allegedly 'transmit sensitive information' back to servers without user consent, including location and identity data, the NVDB reported.
Claude Code engineer Thariq Shihipar wrote that the tracking was an 'experiment' launched in March to prevent unauthorized resellers and protect against 'distillation,' with removal planned for the next release.
Starting July 10, Alibaba ordered employees to stop using Claude Code for work following scrutiny over features identifying Chinese users, though the company did not comment on the security allegations.
This development intensifies the U.S.-China tech race, as Anthropic previously accused Alibaba of reverse-engineering its AI models through 'distillation,' while Claude Code remains officially unavailable in China despite VPN access.
Chinese Security Agency Warns of Security Vulnerabilities in Clod Code
A security agency under the Chinese government has recommended the removal of Antropic's AI coding tool, Clod Code, citing the discovery of security vulnerabilities. However, Antropic maintains that Chinese companies are not entitled to access Clod Code. China...