Zendoric
← Back to the day · July 9, 2026

China issues a security alert over an alleged 'backdoor' in Anthropic's Claude Code

🕒 Published on Zendoric: July 9, 2026 · 00:21

China's Ministry of Industry and Information Technology (MIIT) announced on Wednesday, July 8, that its cybersecurity threat platform detected that Anthropic's AI-assisted coding tool Claude Code "contains a backdoor vulnerability that poses a serious threat."

🎧 Listen to the analysis
🎉 We're already a big community — and growing every dayJoin the readers who never miss the AI analysis that sets the momentum. Subscribe free.

We'll send you a confirmation email (double opt-in). Privacy.

China's Ministry of Industry and Information Technology (MIIT) announced on Wednesday, July 8, that its cybersecurity threat platform had detected that Anthropic's AI-assisted coding tool, Claude Code, "contains a backdoor vulnerability that poses a serious threat." According to the statement in Chinese, cited by CNBC, the tool could send sensitive information to a remote server without the user's consent, including location and identity data. The Chinese authorities recommended that users uninstall or update the affected versions, which range from 2.1.91 to 2.1.196—released between April 2 and June 29—given that the most recent version available on Wednesday was 2.1.204, according to Anthropic's website. The company did not immediately respond to CNBC's request for comment.

The backdrop to this alert is no coincidence: it comes at a time of growing friction between Anthropic and Chinese tech players. Last month, Anthropic accused the Chinese company Alibaba of trying to extract its AI capabilities—a product that, it bears recalling, is not officially available in China. Alibaba did not publicly comment on those accusations at the time. In parallel, CNBC confirmed on Monday that Alibaba has ordered its employees to stop using Anthropic tools for work starting July 10, a measure that coincides in timing with the government warning about Claude Code.

The contrast between the official ban and actual usage is striking: even though Anthropic's tools are not officially marketed in China, many local users have found ways to access them. The article notes that in March an AI developer at Xiaomi pointed out, at a state-organized forum, that a considerable number of people in China were already using Claude Code despite the restrictions. This suggests that de facto adoption of U.S. generative AI tools among Chinese developers is significant, even amid geopolitical tension and declared technological competition between the two countries.

The analysis that can be drawn from these events points to a mutual instrumentalization of security concerns in the U.S.–China technological rivalry. On one hand, Anthropic denounced attempts by a major Chinese tech company to extract its capabilities; on the other, barely weeks later, a Chinese regulatory body issued a public alert labeling a vulnerability in that same U.S. company's flagship product a "backdoor." The article provides no independent technical evidence confirming the actual existence of that backdoor, nor does it detail the origin or detection methodology of the supposed Chinese cyberthreat platform; it merely reproduces the MIIT's official statement. Nor is there any indication in the text that Anthropic has acknowledged or denied the security flaw, since the company did not respond in time for publication of the story.

It is important to underscore the limits of the available information: the article is brief, from a news agency, and does not delve into technical aspects such as the exploitation vector, whether any published proofs of concept exist, or whether other cybersecurity firms—Western or independent—have corroborated the Chinese finding. Nor does it specify whether the MIIT warning is binding for Chinese companies or is merely a recommendation. Amid strategic AI rivalry between Washington and Beijing, alerts of this kind may respond as much to genuine security concerns as to moves of regulatory pressure or industrial policy, aimed at discouraging Chinese companies and developers from using U.S. technology in favor of domestic alternatives. Without further sources technically corroborating the vulnerability, the accusation should be treated with caution until Anthropic offers an official response or third parties independently audit the finding.

🔗 Related on Zendoric

Sources & references

Get the analysis by email · free

One email a day analysing the AI essentials. Free, no spam, unsubscribe anytime.

We'll send you a confirmation email (double opt-in). Privacy.