03

China warns of a "backdoor" in Anthropic's Claude Code

incrementalDeveloperLegal

Wednesday, July 8, 2026

Confidence

Medium · — Chinese regulator primary + 3 corroborating; underlying technical evidence not disclosed and Anthropic has not responded.

Evidence

NVDB advisory + Reuters + CNBC

Beijing's National Vulnerability Database issued a named advisory Wednesday alleging Claude Code silently exfiltrates user location and identity data — the first state-level security callout against a US coding agent, days before Alibaba's internal ban takes effect.
  • The Chinese Ministry of Industry and Information Technology said Wednesday its cybersecurity threat platform found "AI coding tool Claude Code contains a security back-door vulnerability that poses a serious threat."
  • The affected versions are Claude Code 2.1.91 through 2.1.196; the NVDB advised organizations and users to conduct an immediate inspection and either uninstall or upgrade to the latest secure version that has removed the backdoor code.
  • Alibaba told employees last week that use of Claude Code would be banned starting July 10 due to security concerns; Anthropic has previously accused Alibaba of reverse-engineering its AI models to mimic their abilities in a process known as "distillation." Source: WSJ.

Sources

Apply this today

The hands-on layer the brief points to: a workflow you can run, a tool to test, and today’s 60-second video.

Get the next one in your inbox

One daily brief. Every story gets a hype verdict.

No spam. Unsubscribe anytime.