ThinkPatternGet the app
Story
TECHNOLOGY · JUL 8, 2026

China Flags Security Backdoor in Anthropic's Claude Code Tool

China's National Vulnerability Database warned that Anthropic's Claude Code contains a security backdoor, prompting Alibaba to ban the tool for its employees.

The National Vulnerability Database, affiliated with China's Ministry of Industry and Information Technology, issued a warning on July 8, 2026, claiming that versions 2.1.91 through 2.1.196 of Anthropic's Claude Code AI tool contain a security backdoor. The regulator alleged that a built-in monitoring mechanism transmits sensitive user identity and geographic location data to remote servers without consent, posing a severe threat to privacy and intellectual property.

Anthropic rejected the backdoor characterization, describing the functionality as an experimental anti-abuse mechanism launched in March. The company stated the code was designed to prevent unauthorized resellers and model distillation—the process of reverse-engineering models to train competing AI—specifically targeting users in restricted regions like China, where the product is not officially offered. Engineer Thariq Shihipar noted that the company intended to roll back the feature in a July 2 release.

In response to the advisory, Alibaba Group barred its employees from using Claude Code effective July 10, labeling it high-risk software and directing staff to use its internal Qoder tool. This dispute follows broader tensions, with Anthropic accusing several Chinese firms, including Alibaba, DeepSeek, Moonshot AI, and MiniMax, of conducting large-scale distillation attacks against its models.


Reported across 18 outlets
Actors
AnthropicMinistry of Industry and Information TechnologyNational Vulnerability DatabaseAlibaba GroupThariq Shihipar

Keep reading in the app

The full story and every source, free in the app.

Download on the App StoreComing soonGoogle Play