China Warns of ‘Security Backdoor’ in Anthropic’s Claude Code AI Tool

Alleged backdoor could allow the software to "transmit sensitive information", says NVDB

Stay Connected, Stay Informed - Follow News Alert on WhatsApp for Real-time Updates!

China’s cybersecurity authorities have issued a warning about an alleged “security backdoor” in versions of Anthropic’s AI-powered coding tool, Claude Code, claiming it could pose risks to users and organizations.

The warning was released on Wednesday by China’s National Vulnerability Database (NVDB), a cybersecurity platform affiliated with the country’s Ministry of Industry and Information Technology. According to the regulator, the alleged vulnerability could enable the software to transmit sensitive information—including users’ location data and identity-related identifiers—to Anthropic’s servers without users’ knowledge or consent.

However, the Chinese regulator has not publicly presented technical evidence to support its claims.

What Is Claude Code?

Claude Code is an AI coding assistant developed by US-based startup Anthropic. The tool is designed to help software developers generate computer code, debug applications, review existing code, and perform other programming tasks based on natural language prompts.

Like other AI-powered coding assistants, Claude Code has become increasingly popular among developers seeking to automate routine programming tasks and improve productivity.

NVDB Advises Users to Remove or Update the Software

In its advisory, the NVDB stated that it had recently detected what it described as a significant security risk in Claude Code.

The regulator urged government agencies, businesses, and individual users to immediately inspect their systems and either uninstall the affected versions of the software or upgrade to the latest version if the alleged vulnerability has been addressed.

It also recommended that organizations strengthen network traffic monitoring to help detect and prevent any unauthorized transmission of sensitive data.

Anthropic Yet to Respond

As of publication, Anthropic had not publicly responded to requests for comment regarding the allegations.

The claims first surfaced last week in specialist technology media before being highlighted by Chinese authorities. Without an official response or an independent technical assessment, the allegations remain unverified.

Claude Code Source Leak: What Went Wrong at Anthropic?

AI Restrictions Between the US and China

Anthropic currently restricts access to its AI products in China and several other countries that it considers high-risk or adversarial. Although the company’s services are officially unavailable in mainland China, some users have reportedly continued accessing them through virtual private networks (VPNs) or third-party proxy services.

The warning comes amid growing geopolitical tensions surrounding artificial intelligence, cybersecurity, and the handling of user data by global technology companies.

Alibaba Reportedly Bans Claude Code

According to people familiar with the matter, Chinese technology giant Alibaba has informed employees that the use of Claude Code will be prohibited from July 10, citing security concerns.

The reported move follows increasing scrutiny of foreign AI tools operating in China and reflects broader efforts by Chinese companies to strengthen cybersecurity practices.

Anthropic and Alibaba have previously been involved in a separate dispute after Anthropic accused the Chinese company of attempting to reverse-engineer its AI models through a process known as AI distillation, in which one model is trained to imitate the capabilities of another.

Growing Focus on AI Security

The latest warning highlights the increasing importance of cybersecurity as AI-powered development tools become more widely adopted. Governments and businesses around the world are paying closer attention to how these tools collect, process, and transmit data, particularly when they are used in environments handling sensitive or confidential information.

Whether China’s allegations are confirmed through independent technical analysis remains to be seen, but the incident underscores the broader debate over AI security, transparency, and cross-border technology regulation.

Leave a Comment

This material may not be published, broadcast, rewritten, redistributed or derived from.
Unless otherwise stated, all content is copyrighted © 2025 News Alert.