According to China's National Vulnerability DataBase (NVDB), which operates under the Ministry of Industry and Information Technology, multiple Claude Code releases published between April and June were found to include what the agency described as a "backdoor vulnerability." The regulator claimed the software could send sensitive information such as a user's location and identity to remote servers because of an embedded monitoring mechanism. It advised users to uninstall affected versions or update to the latest release.
The security warning comes days after Chinese technology giant Alibaba reportedly instructed employees to stop using Claude Code for work purposes, classifying it as high risk software. Employees have been directed to use Alibaba's in house AI coding platform, Qoder, instead.
The controversy follows claims made by developers and security researchers who reverse engineered portions of Claude Code and alleged that the software contained hidden logic capable of detecting whether users were operating from China or were connected to Chinese AI laboratories. Reports suggested the mechanism checked factors such as system time zones, network configurations and proxy settings before sending signals back to Anthropic.
An Anthropic engineer acknowledged on social media that the feature was part of an experimental anti abuse system intended to prevent unauthorized account sharing, model reselling and AI model distillation. The company reportedly removed the mechanism after it was brought to public attention. However, Anthropic had not issued a formal public statement responding to China's latest security advisory at the time of publication.
The dispute also follows recent tensions between Anthropic and several Chinese AI companies. Last month, Anthropic accused Chinese AI labs, including Alibaba, of attempting to extract knowledge from its AI models through large scale model distillation techniques. Those allegations further strained relations between the companies and added to broader concerns around intellectual property protection in generative AI.
Claude Code has gained popularity among software developers globally as an AI powered coding assistant, despite Anthropic restricting official access to users in mainland China. Many developers in the country have reportedly continued using the tool through overseas proxy services, making it a significant presence within China's developer ecosystem.
The latest developments highlight how AI software is increasingly becoming part of broader geopolitical and cybersecurity discussions. As governments introduce stricter oversight of advanced AI systems, concerns are expanding beyond model capabilities to include data handling, privacy safeguards and cross border software governance.
The episode also underscores the growing fragmentation of the global AI ecosystem. Technology companies in both the United States and China are increasingly encouraging the adoption of domestic AI tools amid rising regulatory scrutiny and national security concerns. As AI platforms become more deeply integrated into enterprise software development, issues related to trust, transparency and data protection are expected to remain central to industry discussions.