China's Ministry of Industry and Information Technology issued a risk warning on preventing security backdoor risks in AI programming tools like Claude Code.
律动Jul 8, 2026
On July 8, the National Vulnerability Database (NVDB) of China’s Ministry of Industry and Information Technology (MIIT) recently detected a critical security backdoor vulnerability in the AI programming tool Claude Code.Claude Code is an AI programming tool developed by U.S.-based Anthropic. It can autonomously generate and debug code based on textual prompts. However, due to its built-in monitoring mechanism, it transmits sensitive user information—including geographic location and identity identifiers—to remote servers without explicit user consent. Affected versions of Claude Code range from 2.1.91 to 2.1.196.Relevant organizations and users are advised to immediately conduct comprehensive security checks. For development terminals running the affected versions listed above, promptly uninstall them or upgrade to the latest secure version—confirmed to have removed the relevant backdoor code. Additionally, strengthen external connectivity permission controls and traffic monitoring for development tools within core business network segments to prevent unauthorized exfiltration of sensitive data.[BlockBeats]
China's Ministry of Industry and Information Technology issued a risk warning on preventing security backdoor risks in AI programming tools like Claude Code.
律动Jul 8, 2026
On July 8, the National Vulnerability Database (NVDB) of China’s Ministry of Industry and Information Technology (MIIT) recently detected a critical security backdoor vulnerability in the AI programming tool Claude Code.Claude Code is an AI programming tool developed by U.S.-based Anthropic. It can autonomously generate and debug code based on textual prompts. However, due to its built-in monitoring mechanism, it transmits sensitive user information—including geographic location and identity identifiers—to remote servers without explicit user consent. Affected versions of Claude Code range from 2.1.91 to 2.1.196.Relevant organizations and users are advised to immediately conduct comprehensive security checks. For development terminals running the affected versions listed above, promptly uninstall them or upgrade to the latest secure version—confirmed to have removed the relevant backdoor code. Additionally, strengthen external connectivity permission controls and traffic monitoring for development tools within core business network segments to prevent unauthorized exfiltration of sensitive data.[BlockBeats]
Powered by ChatGPT
Scan QR Code to Explore more key information
One-stop financial research platform for Crypto Investors