Ministry of Industry and Information Technology Issues Warning: Security Backdoor Found in AI Programming Tool Claude Code
1 day ago / Read about 0 minute
Author:小编   

The cybersecurity threat and vulnerability information-sharing platform operated by the Ministry of Industry and Information Technology has identified a security vulnerability—specifically, a backdoor—in the AI programming tool Claude Code (ranging from versions 2.1.91 to 2.1.196). This tool, developed by the U.S.-based company Anthropic, contains an embedded monitoring mechanism capable of transmitting sensitive user data, including the user's geographical location and identity information, without obtaining explicit user consent. To mitigate potential risks, it is strongly advised that relevant organizations and individual users promptly investigate the issue, uninstall or upgrade the affected versions of Claude Code, and implement enhanced measures for external access control and network traffic monitoring for all development tools. These steps are crucial to safeguard against the unauthorized disclosure of sensitive information.