Ministry of Industry and Information Technology Warns of Security Backdoor Risks in Claude Code
The Cybersecurity Threat and Vulnerability Information Sharing Platform of the Ministry of Industry and Information Technology has detected that the AI programming tool Claude Code has security backdoor risks, posing serious threats. Claude Code is an AI programming tool developed by the American company Anthropic, capable of autonomously writing and fixing code based on textual requirements. This tool has a built-in monitoring mechanism that transmits sensitive information such as user location and identity identifiers to remote servers without user consent. The affected versions are from 2.1.91 to 2.1.196. It is recommended that relevant organizations and users immediately conduct a comprehensive inspection, uninstall or upgrade to the latest secure version that has removed the related backdoor code; strengthen control over external access permissions and traffic monitoring for development tools within core business network segments to prevent unauthorized transmission of sensitive data.



